ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Windows AD auth token propagate via IIB REST to IIS/ASP.net

Post new topic  Reply to topic
 Windows AD auth token propagate via IIB REST to IIS/ASP.net « View previous topic :: View next topic » 
Author Message
sunny_30
PostPosted: Fri Jul 12, 2019 11:32 am    Post subject: Windows AD auth token propagate via IIB REST to IIS/ASP.net Reply with quote

Master

Joined: 03 Oct 2005
Posts: 258

Need help please. Requirement is to propagate the Windows AD domain user token from WAS frontend app into ASP.net end app via IIBv10 (running on Windows)

WAS invokes the IIB webservice using SOAP/http (soapInput node), WS-Security header is an option. In the same flow, IIB invokes .Net /IIS REST service using Httprequest node. Not sure HTTPrequest nodes support token propagations in the header or whether it needs to be altered to RESTrequest or if a SecurityPEP node needs to be added to the flow

Based on the windows AD login, the authorization is built within the .net app. trying to understand what type of protocols/ token options can be implemented in WAS, IIB and propagate the token to .net end application

read it here https://www.ibm.com/support/knowledgecenter/en/SSMKHH_9.0.0/com.ibm.etools.mft.doc/bp62015_.htm reg integrating IIB using IWA. sounds like this is the path I need to be taking using httprequest node to invoke the .Net service
Back to top
View user's profile Send private message
sunny_30
PostPosted: Fri Jul 19, 2019 8:57 am    Post subject: Reply with quote

Master

Joined: 03 Oct 2005
Posts: 258

Does anyone know of a way to be able to impersonate a client who has called a .Net REST/http service via IIBv10.
I can't "log the user on" in order to impersonate them because I don't know their domain password, I only have available their logon UPN (username).
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Windows AD auth token propagate via IIB REST to IIS/ASP.net
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.