I have an ASP.Net 2.0 WebApp that customers can choose to use Forms Authentication with, or they can choose Windows Authentication.
I am now testing to see if I can get a .Net Remoting deployment working using another IIS web server as the host for my business objects, and a regular web app on IIS as the web server.
I can do this successfully using straight forms authentication; but I cannot seem to get it to work using Windows Security and I've exhausted all of my ideas.
The error I generally get is "Invalid token for impersonation - it cannot be duplicated."
I am running against the IIS Server on my local machine for the server, and I am running the client from within DevStudio. The sneaky thing we are doing with this app is that when a user connects to the "Windows Auth" site; it looks up their windows login in our database and passes a token representing that login to the "Forms Auth" site. The "Forms Auth" site uses that token to get the user's "Forms Login" from the database and authenticates them and gets their permissions.
However, my code doesn't make it near that far. On the first call to a DataPortal.Fetch I get the Invalid Token error. Stepping into the DataPortal I can see that my domain\login is passed through the context; which is what I would expect.
I have tried every combination of the following (I think - yes, I've been at this for days)):
1) Web.config on RemoteHost: <add key="CslaAuthentication" value="CSLA"/>, but sometimes I try <add key="CslaAuthentication" value="Windows"/>
2) Web.config on RemoteHost: <authentication mode="Windows"/>, but sometimes I try None or Forms
3) Web.config on RemoteHost:<identity impersonate="true" />, but sometimes I try false and sometimes I add my credentials
4) Web.config on Client: <add key="CslaAuthentication" value="Csla"/>, but sometimes I try no key or Windows5) Web.config on Client:<add key="CslaDataPortalProxy" value="Csla.DataPortalClient.RemotingProxy, Csla"/><add key="CslaDataPortalUrl" value="http://172.16.2.58/IntraReqWinAuth/WinRemotingPortal.rem"/>
6) Web.config on Client: <authentication mode = "Windows"/>, though sometimes I try "None" or "Forms"
7) IIS Directory Security to Allow Anonymous, Windows Integrated, or both
8) Web.config on RemoteHost: Allow Users = "*"
9) Web.config on RemoteHost: No entry for deny users
I would greatly appreciate any ideas for other things I could try. I am able to implement a basic windows security example from Microsoft's web site using .Net Remoting; but I cannot seem to get it to work using a class derived from CSLA.
Copyright (c) Marimer LLC