Hi,
I am writing this thread to ask your help.
I am encountering a problem while we are using PUT
/ DELETE verbs for RESTful webservice.
As you see the below table,
In case I call a web service with
administrator right, all verbs are operated successfully.
In case I call a web service with
non-admin right, the method which is using PUT /
DELETE verbs returns 401.3 error while GET/POST verbs are operated
successfully.
I found some related articles and tested them, but I did not
get reasonable results yet.
http://social.msdn.microsoft.com/Forums/en-US/adodotnetdataservices/thread/3a67a302-6f7d-4453-8ce9-3d540ee8a9fa
As temporary workaround to enable the service, I granted
access right of a user(mydomain\user) to .svc file manually.
(However, I don’t think it could be a solution because of
security violation. )
I would very appreciate it if you would give me any
opinions.
For your convenience, I am attaching a simple .NET project.
I hope I am missing a simple point. J
Thank you.
Verb
|
Admin user
|
Non-admin user
|
GET
|
O
|
O
|
POST
|
O
|
O
|
PUT
|
O
|
X
|
DELETE
|
O
|
X
|
·
System: Windows 2003 + IIS6 + .NET3.5 SP1
·
Setting in Web.Config
<authentication mode="Windows"/>
<identity
impersonate="true"></identity>
::::
Event Message (1)::::
Access is denied.
Description: An error occurred while accessing the resources required to serve
this request. You might not have permission to view the requested resources.
Error
message 401.3: You do not have permission to view this directory or page using
the credentials you supplied (access denied due to Access Control Lists). Ask
the Web server's administrator to give you access to 'C:\BPC\service1.svc'.
:::: Event Message (2)::::
Event
Type:
Information
Event
Source: ASP.NET
2.0.50727.0
Event
Category: Web Event
Event ID: 1314
Date:
2/17/2010
Time:
11:14:27 AM
User:
N/A
Computer:
ICND50076690A
Description:
Event code: 4008
Event message: File authorization failed
for the request.
Event time: 2/17/2010 11:14:27 AM
Event time (UTC): 2/17/2010 2:14:27 AM
Event ID:
7ccb60ad5fd341aaba44f16bdd7f3bfd
Event sequence: 3
Event occurrence: 1
Event detail code: 0
Application information:
Application domain:
/LM/W3SVC/1/Root/Bpc-1-129108464673098914
Trust level: Full
Application Virtual
Path: /Bpc
Application Path:
C:\BPC\
Machine name:
ICND50076690A
Process information:
Process ID: 11392
Process name:
w3wp.exe
Account name: NT
AUTHORITY\NETWORK SERVICE
Request information:
Request URL: http://10.60.50.200/bpc/service1.svc/PUT
Request path:
/bpc/service1.svc/PUT
User host address:
10.60.50.200
User:
ICND50076690A\User
Is authenticated:
True
Authentication Type:
NTLM
Thread account name:
NT AUTHORITY\NETWORK SERVICE
Custom event details:
For more information, see Help and
Support Center at http://go.microsoft.com/fwlink/events.asp.