"Claus Konrad" <no@spam.thanks> wrote in message
news:etnZHIQcFHA.1404@TK2MSFTNGP09.phx.gbl...
> Hi
>
> Is there any way of getting from a WindowsIdentity (or WindowsPrincipal)
> into a NetworkCredential?
> I'm forced to authenticate myself towards an second server within my
> network, but unfortunately this only accepts Username/password (forms) or
> ICredentials (aka. networkcredentials).
>
> I'm fully authenticated with Kerberos on my primary server (web app).
>
> Thanks a million!
> /Claus
>

"Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
news:uXthyqacFHA.3620@TK2MSFTNGP09.phx.gbl...
> System.Net.CredentialCache.DefaultCredentials might be what you're looking
> for.  If you don't think this would help with your scenario, could you
> please explain how your code on the client (primary server) is
> communicating with the target server?
>
>
> "Claus Konrad" <no@spam.thanks> wrote in message
> news:etnZHIQcFHA.1404@TK2MSFTNGP09.phx.gbl...
>> Hi
>>
>> Is there any way of getting from a WindowsIdentity (or WindowsPrincipal)
>> into a NetworkCredential?
>> I'm forced to authenticate myself towards an second server within my
>> network, but unfortunately this only accepts Username/password (forms) or
>> ICredentials (aka. networkcredentials).
>>
>> I'm fully authenticated with Kerberos on my primary server (web app).
>>
>> Thanks a million!
>> /Claus
>>
>
>

"Claus Konrad" <no@spam.thanks> wrote in message
news:utO0d4mcFHA.1448@TK2MSFTNGP14.phx.gbl...
> Well - I'm using a WebApp (ASP.NET) as frontend (hosted by primary
> server).
> Here I have full access to my Identity (WindowsIdentity).
>
> Now - the frontend is calling into a business component (BC). This BC is
> therefore being called from within ASP.NET and thereby instantiated with
> the current identity (that's either ASPNET Machine account or the user
> impersonated).
>
> For the business component to acess the Exchange Server in my datatier,
> I'm using a component from IndependentSoft (WebDav.NET for Exchange). This
> requires my to connect using a ICredential interface. I do NOT have access
> the the current uses password, hence I can not create an instance of a
> NetworkCredential object.
>
> Therefore my question.
> The CredentialCache.DefaultCredentials is empty. Should the frontend be
> adding something into the cache here or what..?
>
>
> Thanks a lot!
>
> /Claus
>
>
>
>
>
> "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
> news:uXthyqacFHA.3620@TK2MSFTNGP09.phx.gbl...
>> System.Net.CredentialCache.DefaultCredentials might be what you're
>> looking for.  If you don't think this would help with your scenario,
>> could you please explain how your code on the client (primary server) is
>> communicating with the target server?
>>
>>
>> "Claus Konrad" <no@spam.thanks> wrote in message
>> news:etnZHIQcFHA.1404@TK2MSFTNGP09.phx.gbl...
>>> Hi
>>>
>>> Is there any way of getting from a WindowsIdentity (or WindowsPrincipal)
>>> into a NetworkCredential?
>>> I'm forced to authenticate myself towards an second server within my
>>> network, but unfortunately this only accepts Username/password (forms)
>>> or ICredentials (aka. networkcredentials).
>>>
>>> I'm fully authenticated with Kerberos on my primary server (web app).
>>>
>>> Thanks a million!
>>> /Claus
>>>
>>
>>
>
>

"Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> wrote
in message news:O0n5xwncFHA.3912@TK2MSFTNGP15.phx.gbl...
> If you have a WindowsIdentity/WindowsPrincipal for the user, you should be
> able to impersonate that WindowsIdentity and then use
> CredentialCache.DefaultCredentials to get an ICredential.  You can use
> that for calling the remote resource.
>
> The main issue here is that you will also most likely need Kerberos
> delegation in this scenario in order for your credentials to hop to a
> remote machine.
>
> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/tkerberr.mspx
> http://msdn.microsoft.com/vstudio/using/building/web/default.aspx?pull=/library/en-us/dnnetsec/html/SecNetHT05.asp?FRAME=true#ImplementKerberos
>
> HTH,
>
> Joe K.
>
> "Claus Konrad" <no@spam.thanks> wrote in message
> news:utO0d4mcFHA.1448@TK2MSFTNGP14.phx.gbl...
>> Well - I'm using a WebApp (ASP.NET) as frontend (hosted by primary
>> server).
>> Here I have full access to my Identity (WindowsIdentity).
>>
>> Now - the frontend is calling into a business component (BC). This BC is
>> therefore being called from within ASP.NET and thereby instantiated with
>> the current identity (that's either ASPNET Machine account or the user
>> impersonated).
>>
>> For the business component to acess the Exchange Server in my datatier,
>> I'm using a component from IndependentSoft (WebDav.NET for Exchange).
>> This requires my to connect using a ICredential interface. I do NOT have
>> access the the current uses password, hence I can not create an instance
>> of a NetworkCredential object.
>>
>> Therefore my question.
>> The CredentialCache.DefaultCredentials is empty. Should the frontend be
>> adding something into the cache here or what..?
>>
>>
>> Thanks a lot!
>>
>> /Claus
>>
>>
>>
>>
>>
>> "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
>> news:uXthyqacFHA.3620@TK2MSFTNGP09.phx.gbl...
>>> System.Net.CredentialCache.DefaultCredentials might be what you're
>>> looking for.  If you don't think this would help with your scenario,
>>> could you please explain how your code on the client (primary server) is
>>> communicating with the target server?
>>>
>>>
>>> "Claus Konrad" <no@spam.thanks> wrote in message
>>> news:etnZHIQcFHA.1404@TK2MSFTNGP09.phx.gbl...
>>>> Hi
>>>>
>>>> Is there any way of getting from a WindowsIdentity (or
>>>> WindowsPrincipal) into a NetworkCredential?
>>>> I'm forced to authenticate myself towards an second server within my
>>>> network, but unfortunately this only accepts Username/password (forms)
>>>> or ICredentials (aka. networkcredentials).
>>>>
>>>> I'm fully authenticated with Kerberos on my primary server (web app).
>>>>
>>>> Thanks a million!
>>>> /Claus
>>>>
>>>
>>>
>>
>>
>
>