mibuso.com
Home NAV Three Tier

Database login for Webservice

marvinqmarvinq Member Posts: 69
edited 2012-09-07 in NAV Three Tier
Hi,

Might be a stupid question, but I have not been able to find the exact answer anywhere.

Is it possible to connect to a webservice only with a database login defined in SQL and NAV? Or is it only with a windows-login that I can connect to the webservice?

If I do something like this:

item.UseDefaultCredentials = true;

... naturally the actual user's windows-account is used. But what if I write like this:

item.UseDefaultCredentials = false;
item.Credentials = new System.Net.NetworkCredential([username],[password],[domain]);

... can the credentials here be a database login, or is it only possible to use a windows-login's username and password?

I hope you understand the question.

I would like to provide access to an external application, however I do not want to give the developers a windows-login, giving them the rights to logon to the actual server, and a database-login prevents this - if it is possible. If not possible, are there other ways to prevent this?

Thanks

Comments

  • mikmik Member Posts: 79
    Hi,

    database authentification is not supported. I don't believe there is a way to auth. without a windows user. Service is running under windows account an can only impersonate on other windows accounts I believe.
    With kind regards
    mik
  • kinekine Member Posts: 12,562
    Yes, there is no way to use database login when using NST in NAV 2009. NAV 2013 will may be change this, because there is no impersonalization to SQL and authentication is doing NAV itself (and is supporting different providers).
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.
  • mihail_kolevmihail_kolev Member Posts: 379
    it's like login in the domain with SA :)
    -Mihail- [MCTS]
  • marvinqmarvinq Member Posts: 69
    Hi,

    Thank you for all the answers. Although this was the expected (not wanted) answer.

    This gives me a huge security issue, when handing over the Webservice with username and password to "strangers". I guess the only way out is to create an internal proxy that connects directly to NAV's webservice and then handles the authentication with the external application in a different database-login-like way. Do you agree with this? - and have anyone tried something like this with success?

    Thanks
  • kinekine Member Posts: 12,562
    this is no problem. It doesn't matter if you give DB login to the user or some local windows account without permissions. What is the difference? ;-)
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.
  • marvinqmarvinq Member Posts: 69
    Hi kine,

    I am not sure if i understand you correctly.

    My problem is that with a windows account the user is able to log on to the actual server, and the system-administrator will not allow this. (The "strangers" are located in the same building). We have tried to adjust the permissions on that windows user, however when blocking for login this also blocks authentication with the webservice.

    It seems to be a dead end.
  • kinekine Member Posts: 12,562
    You can block interactive login only, not whole account.
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.
  • marvinqmarvinq Member Posts: 69
    Hi,

    I am not a network-specialist, so I am not sure of what mean. If you got a solution please explain. My tech-guy tried changing permissions in every thinkable way and he did not succeed. The goal is to make a windows user for the webservice, than cannot log on to the server. I guess in some way this is a contradiction.
Sign In or Register to comment.