I'm attempting to use Enterprise SSO to map non-Windows users
(username/password supplied in the XML body of a BizTalk message) to a
Windows account to access a web service that uses Windows Integrated
Authentication.
I'm using the classes in the BizTalk SSO API
(Microsoft.BizTalk.SSOClient.Interop).
Initially I tried to issue a ticket but couldn't see an obvious way of
passing in the external username/password:

    // Get SSO Ticket
    ISSOTicket ticket = (ISSOTicket) new SSOTicket();
    ticket.IssueTicket(SSOFlag.SSO_EXTERNAL_TO_WINDOWS);

I then focussed on trying to log in the external user:

    // Create lookup object for mapping SSO credentials
    ISSOLookup2 lookup = (ISSOLookup2)new SSOLookup();
    // Look up Windows user details from an external user
    string[] myCredentials = { myPassword };
    long windowsHandle = lookup.LogonExternalUser(myApplication,
        myUsername, SSOFlag.SSO_EXTERNAL_TO_WINDOWS, ref myCredentials);

This correctly identifies the external user, but results in the following
System.Runtime.InteropServices.COMException:
Failed to connect to the LSA server.
Am I missing some security setup on the BizTalk Service User account or is
there another way for me to achieve what I am looking for?
Any help greatly appreciated.
Graham