Microsoft KB Archive/318062

= FIX: Web Services Methods Fail When Invoked from Digest Authenticated Applications =

Article ID: 318062

Article Last Modified on 4/7/2003

-

APPLIES TO


 * Microsoft Web Services Enhancements for Microsoft .NET 2.0

-



This article was previously published under Q318062



SYMPTOMS
Note The following .NET Framework Class Library namespaces are referenced in this article:

System.Web.Services

System.Security.Principal

When you enable a Digest authentication for a Web Service in Internet Information Server (IIS) 5.0, the following error is returned:

HTTP 401.4 - Unauthorized: Authorization denied by filter



RESOLUTION
This bug will be fixed in Windows 2000 Service Pack 3.



STATUS
This bug was corrected in .NET Framework (2003|1.1).



Steps to Reproduce Behavior
  Open Notepad and copy the following code to create a Test.asmx file: <%@ WebService Language=&quot;c#&quot; class=&quot;AuthVarsService&quot; %> using System; using System.Web; using System.Web.Services; using System.Security.Principal;

public class AuthVarsService : WebService {

[WebMethod] public String GetValue {   String _MyString=&quot;&quot;;

WindowsImpersonationContext ctx = ((WindowsIdentity)Context.User.Identity).Impersonate;

_MyString += &quot;{Request.IsAuthenticated = &quot; + Context.Request.IsAuthenticated + &quot;} &quot;; _MyString += &quot;{AUTH_TYPE = &quot; + Context.Request.ServerVariables[&quot;AUTH_TYPE&quot;]  + &quot;} &quot;; _MyString += &quot;{AUTH_USER = &quot; + Context.Request.ServerVariables[&quot;AUTH_USER&quot;]  + &quot;} &quot;; _MyString += &quot;{AUTH_PASSWORD = &quot; + Context.Request.ServerVariables[&quot;AUTH_PASSWORD&quot;]  + &quot;} &quot;; _MyString += &quot;{LOGON_USER = &quot; + Context.Request.ServerVariables[&quot;LOGON_USER&quot;]  + &quot;} &quot;; _MyString += &quot;{REMOTE_USER = &quot; + Context.Request.ServerVariables[&quot;REMOTE_USER&quot;]  + &quot;} &quot;; _MyString += &quot;{Context.User.Identity.Name =&quot; + Context.User.Identity.Name + &quot;} &quot;; _MyString += &quot;{Context.User.Identity.AuthenticationType =&quot; + Context.User.Identity.AuthenticationType + &quot;} &quot;;

_MyString += &quot;{WindowsIdentity.GetCurrent.Name =&quot; + System.Security.Principal.WindowsIdentity.GetCurrent.Name + &quot;}&quot; ;

return _MyString; }

}                    Create a virtual directory named App in IIS, and copy the Test.asmx page to its root directory. Right-click the App virtual directory in IIS, and then click Properties. Click the Directory Security tab. Under Anonymous Access and Authentication Control, click Edit. Request the page with the following URL:

http://localhost/app/test.asmx/GetValue

</li> Make sure that only Digest authentication for Windows domain servers is selected.</li> Provide valid logon credentials for Digest authentication.

NOTE: Digest authentication requires Active Directory.</li></ol>

Upon successful authentication, you receive the following message:

200 OK

However, you receive the error message that is listed in the &quot;Symptoms&quot; section.

<div class="references_section">