Hello,
I need to call the MDS web-service under the SharePoint account. The MDS web service runs under the user account you are logged in with. Being called within the SharePoint process, the MDS service runs under IUSR, not under the SharePoint current user credentials.
I turned on Claims To Windows Token Service in the CA and then I used the approach described here:
http://www.codeproject.com/Articles/635197/SharePoint-Claims-Based-Web-Application-Shows-the
This util converts a SharePoint user token into a WindowsIdentity, and then I can run any piece of code on behalf of this impersonated identity. And in my development environment it works perfectly well (maybe because MDS and SharePoint are installed on the same machine). Seems I got rid of the SharePoint dependency and switched to Windows. However, on another SharePoint server which is in the same domain as mine and which uses the MDS server from my machine, the first call fails with the following error:
The request for security token could not be satisfied because authentication failed.
On the other hand, a trivial console app on this server that calls the MDS web-service directly impersonates the current Windows user without any problem (including “run as” calls). It might mean that SharePoint somehow influences the authentication.
So can anyone tell me what can be wrong with calling the MDS web-service under SharePoint?
The MSDN documentation on this topic is so vague that I don’t know where to start.
Thanks in advance.