|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Remoting IPCChannel security with ServiceI have a simple remoting sample using IPCChannel. If I run the server code
as a console app my client can connect just fine. However, if I the same server code runs in a service, the client gets a RemotingException of "Failed to connect to an IPC Port: Access is denied". The Access is denied changes if my service isn't running to "The system cannot find the file specified" so the I think I'm connecting but being denied due to some type of security issue. I'm very weak on security, My service runs under Local System and can potentially service requests from multiple users. This is a low security situation so what is the simplest way to get the server to allow any client to connect or code the client so the server will always allow it to connect? Thanks, -- Grant Schenck have you tried setting
secure=false in config (huh - did i say this?) there is also a authorizedGroup setting in the server config where you can control who can access the servr. --- Dominick Baier, DevelopMentor http://www.leastprivilege.com Show quoteHide quote > I have a simple remoting sample using IPCChannel. If I run the server > code as a console app my client can connect just fine. However, if I > the same server code runs in a service, the client gets a > RemotingException of "Failed to connect to an IPC Port: Access is > denied". > > The Access is denied changes if my service isn't running to "The > system cannot find the file specified" so the I think I'm connecting > but being denied due to some type of security issue. > > I'm very weak on security, My service runs under Local System and can > potentially service requests from multiple users. This is a low > security situation so what is the simplest way to get the server to > allow any client to connect or code the client so the server will > always allow it to connect? > > Thanks, > Sorry, but where am I setting secure=false?
This is where I create my remote object in my server: // Create an instance of a channel m_ServerChannel = new IpcServerChannel(("STCallLogTestServerChannel"); ChannelServices.RegisterChannel(m_ServerChannel, false); // Register as an available service m_MakeCallTestServer = new STCallLogTestServer(MakeCall); RemotingServices.Marshal(m_MakeCallTestServer, "STCallLogTestServer"); And this is where I call a method on the object from a client and where I get the error: sample = (STCallLogTestInterface)Activator.GetObject(typeof(IPCRemoteShared.STCallLogTestInterface), "IPC://STCallLogTestServerChannel/STCallLogTestServer"); >>>> int nResult = sample.MakeCall("212", "82032615223", 30, So, not sure where I'm setting secure=false and where authorizedGroup comes >>>> ref strResults); in... Thanks, -- Show quoteHide quoteGrant Schenck "Dominick Baier" <dbaier@pleasepleasenospam_leastprivilege.com> wrote in message news:4580be63135f08c8a572df6c7ce0@news.microsoft.com... > have you tried setting > secure=false > > in config > (huh - did i say this?) > > there is also a > authorizedGroup > > setting in the server config where you can control who can access the > servr. > > --- > Dominick Baier, DevelopMentor > http://www.leastprivilege.com > >> I have a simple remoting sample using IPCChannel. If I run the server >> code as a console app my client can connect just fine. However, if I >> the same server code runs in a service, the client gets a >> RemotingException of "Failed to connect to an IPC Port: Access is >> denied". >> >> The Access is denied changes if my service isn't running to "The >> system cannot find the file specified" so the I think I'm connecting >> but being denied due to some type of security issue. >> >> I'm very weak on security, My service runs under Local System and can >> potentially service requests from multiple users. This is a low >> security situation so what is the simplest way to get the server to >> allow any client to connect or code the client so the server will >> always allow it to connect? >> >> Thanks, >> > > Problem solved!
I needed to use authorizedGroup = "Users" when creating the IPCServerChannel. Thanks, Show quoteHide quote "Dominick Baier" <dbaier@pleasepleasenospam_leastprivilege.com> wrote in message news:4580be63135f08c8a572df6c7ce0@news.microsoft.com... > have you tried setting > secure=false > > in config > (huh - did i say this?) > > there is also a > authorizedGroup > > setting in the server config where you can control who can access the > servr. > > --- > Dominick Baier, DevelopMentor > http://www.leastprivilege.com > >> I have a simple remoting sample using IPCChannel. If I run the server >> code as a console app my client can connect just fine. However, if I >> the same server code runs in a service, the client gets a >> RemotingException of "Failed to connect to an IPC Port: Access is >> denied". >> >> The Access is denied changes if my service isn't running to "The >> system cannot find the file specified" so the I think I'm connecting >> but being denied due to some type of security issue. >> >> I'm very weak on security, My service runs under Local System and can >> potentially service requests from multiple users. This is a low >> security situation so what is the simplest way to get the server to >> allow any client to connect or code the client so the server will >> always allow it to connect? >> >> Thanks, >> > > 
Other interesting topics
IIS 6.0 Bug?
SecurityExcepion inside DLL linked in an HTML tag OBJECT System.UnauthorizedAccessException - Using win forms application opening file - Urgent Generating RSA key with different public exponent Data Acess aplication block Saving config file - System.UnauthorizedAccessException RSACryptoServiceProvider Data Acess aplication block __How to use it on server without Microsoft Visual Studio 2003 AzAuthorizationStore.Initialize on ADAM Url throws FileNotFoundException Help-Please!!! |
|||||||||||||||||||||||
