c# - Authetication from a Kerberos authenticated machine to an NTLM server -


i stuck on following scenario: running c# program client has authenticationtype kerberos. want use kerberos credentials authenticate sharepoint server webservice still authenticated ntlm. how can login webservice using ntlm client kerberos credentials?

as test program wrote following, adjust program not using constants username, pasword , domain , still function correctly:

using system; using system.security.principal; using testsharepointservices.listservice;  namespace testsharepointservices {      class program     {         static void main(string[] args)         {             string username = "myusername";             string password = "mypassword";             string domain = "mydomain";              listssoapclient client = new listssoapclient();             if (client.clientcredentials != null)             {                 console.writeline("name: " + windowsidentity.getcurrent().name);                 console.writeline("authenticated: " + windowsidentity.getcurrent().isauthenticated);                 console.writeline("authentication type: " + windowsidentity.getcurrent().authenticationtype);                 console.readkey();                 client.clientcredentials.windows.clientcredential =                      new system.net.networkcredential(username, password, domain);                 client.clientcredentials.windows.allowedimpersonationlevel =                     system.security.principal.tokenimpersonationlevel.impersonation;             }               string callback = client.getlist("accounts").tostring();             console.writeline(callback);             console.readkey();         }     } } 

with following app.config:

<?xml version="1.0" encoding="utf-8" ?> <configuration>     <system.servicemodel>         <bindings>             <basichttpbinding>               <binding name="listssoap" closetimeout="00:05:00" opentimeout="00:05:00"                         receivetimeout="00:30:00" sendtimeout="00:05:00" allowcookies="false"                         bypassproxyonlocal="false" hostnamecomparisonmode="strongwildcard"                         maxbufferpoolsize="524288" maxbuffersize="65536" maxreceivedmessagesize="65536"                         textencoding="utf-8" transfermode="buffered" usedefaultwebproxy="true"                         messageencoding="text">                 <readerquotas maxdepth="32" maxstringcontentlength="8192" maxarraylength="16384"                                maxbytesperread="4096" maxnametablecharcount="16384" />                 <security mode="transportcredentialonly">                   <transport clientcredentialtype="ntlm" proxycredentialtype="none" realm="" />                   <message clientcredentialtype="username" algorithmsuite="default" />                 </security>               </binding>             </basichttpbinding>         </bindings>         <client>             <endpoint address="http://sharepointserver/crm/_vti_bin/lists.asmx"                 binding="basichttpbinding" bindingconfiguration="listssoap"                 contract="listservice.listssoap" name="listssoap" />         </client>     </system.servicemodel> </configuration> 

the program outputs:

name: mydomain\myusername

authenticated: true

authentication type: kerberos

xml output sharepoint on screen.

you can't. kerberos has nothing ntlm. absolutely nothing. ntlm windows only. can login windows user/pass , perform ntlm auch. though recommend making sharepoint kerberos-capable less hour work.


Comments

Popular posts from this blog

c++ - Creating new partition disk winapi -

Android Prevent Bluetooth Pairing Dialog -

VBA function to include CDATA -