I have 2 wcf services hosted on IIS on the same computer. Service A is called by the client and uses BasicHttpBindingwith transport security and NTLM credentialtype. Service A must invoke Service B, which is also hosted on IIS but uses WsHttpBindingwith transport security and NTLM credentialtype.
IIS is configured to use integrated Windows authentication.
In the first attempt, I received a 403 message :
System.ServiceModel.Security.MessageSecurityException : The HTTP request was forbidden with client authentication scheme 'Ntlm'.
System.Net.WebException: The remote server returned an error: (403) Forbidden.
This is normal because when I make a call from service A to service B, the application pool identifier is used.
In my second attempt, I tried to personify a call to service B, but then the problem is that all the code in the operation is executed under the caller's account. This account does not have ACL permissions on the server, and providing these permissions is not an option. The following error is being recorded:
System.IO.FileLoadException : Could not load file or assembly 'System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' or one of its dependencies. The handle is invalid. (Exception from HRESULT: 0x80070006 (E_HANDLE))
How can I solve this problem without changing the security of the ACL or application pool identifier?
ghost source
share