ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum IndexWebSphere Message Broker SupportWindows AD auth token propagate via IIB REST to IIS/ASP.net

Post new topicReply to topic
Windows AD auth token propagate via IIB REST to IIS/ASP.net View previous topic :: View next topic
Author Message
sunny_30
PostPosted: Fri Jul 12, 2019 11:32 am Post subject: Windows AD auth token propagate via IIB REST to IIS/ASP.net Reply with quote

Master

Joined: 03 Oct 2005
Posts: 257

Need help please. Requirement is to propagate the Windows AD domain user token from WAS frontend app into ASP.net end app via IIBv10 (running on Windows)

WAS invokes the IIB webservice using SOAP/http (soapInput node), WS-Security header is an option. In the same flow, IIB invokes .Net /IIS REST service using Httprequest node. Not sure HTTPrequest nodes support token propagations in the header or whether it needs to be altered to RESTrequest or if a SecurityPEP node needs to be added to the flow

Based on the windows AD login, the authorization is built within the .net app. trying to understand what type of protocols/ token options can be implemented in WAS, IIB and propagate the token to .net end application

read it here https://www.ibm.com/support/knowledgecenter/en/SSMKHH_9.0.0/com.ibm.etools.mft.doc/bp62015_.htm reg integrating IIB using IWA. sounds like this is the path I need to be taking using httprequest node to invoke the .Net service
Back to top
View user's profile Send private message
sunny_30
PostPosted: Fri Jul 19, 2019 8:57 am Post subject: Reply with quote

Master

Joined: 03 Oct 2005
Posts: 257

Does anyone know of a way to be able to impersonate a client who has called a .Net REST/http service via IIBv10.
I can't "log the user on" in order to impersonate them because I don't know their domain password, I only have available their logon UPN (username).
Back to top
View user's profile Send private message
Display posts from previous:
Post new topicReply to topic Page 1 of 1

MQSeries.net Forum IndexWebSphere Message Broker SupportWindows AD auth token propagate via IIB REST to IIS/ASP.net
Jump to:



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP


Theme by Dustin Baccetti
Powered by phpBB 2001, 2002 phpBB Group

Copyright MQSeries.net. All rights reserved.