C# – From a web service, I need to call another web service within the same web site using windows authentication and asp.net impersonation

ciis-7web services

Background / System Information

  • Windows Server 2008 Standard x64, IIS 7.0
  • I have an IIS site containing individual IIS applications.
  • Each application contains web services written in .NET 4.0, compiled with Any CPU.
  • All applications share the same application pool. The application pool is set to .NET 4.0 and integrated pipeline.
  • The site is setup for ASP.NET Impersonation and Windows Authentication.
  • The site is only utilized within our domain / intranet.
  • Client applications (C# applications not running on the Server 2008 box but within the domain) use the generated proxy classes to pass credentials using the method System.Net.CredentialCache.DefaultCredentials.

Goal

  • We have some web service methods that need to call web service methods that exist in the same site, just another iis application under the site.

Issue

  • When the first web service method calls the second web service method (via the generated proxy classes), passing the DefaultCredentials or the DefaultNetworkCredentials, I get a 401 unauthorized error.

Here is what I know and what I have tried

  • I have reviewed almost all of the articles on so and everyone talks about a double hop. I'm confused about the terminology of a double hop. I'm not hopping to a new machine, i'm on the current machine within the same web site. This isn't a double hop is it?

  • We have the same web services running as .NET 1.1 in IIS 6 on Windows Server 2003 and passing the DefaultCredentials to the second web service call works! no 401 errors. The web services setup on IIS 6 are all using the same application pool and are all setup as applications.

  • On my windows 7 development machine running IIS 7.5 I am able to make this work. I can call a web service using the proxy class from another web service, using the System.Net.CredentialCache.DefaultNetworkCredentials or the System.Net.CredentialCache.DefaultCredentials. It appears my win7 IIS 7.5 site and my server 2008 site are setup the same way.

  • I tried using a different application pool (integrated pipeline) for each application in my site and that didn't help (I didn't think it would).

  • When I set the application pool to classic the site won't start. I get service unavailable errors. This is odd because on my win7 machine I can use classic or integrated pipeline and it works fine.

    I feel like i'm close. Any thoughts or input would be greatly appreciated!

    Thanks,

Related Topic