|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Role-based secu.: IIS hosted remoting server doesn't hold my princI have a VB.Net Windows form based user authentication system. The form authenticates the user info against a server through Remoting that is hosted by IIS. The authentication process runs well all the time. Once the authentication is done, I set up my customized identity and principal and set the principal to the current thread on the server before returning the call back to the client. The thing that suprises me is that, when my client gets back to the server the next time (client gets back through a remoting reference to the same server object that did the authentication), the security principal of the current thread on the server has changed! It went back to Windows principal again, instead of my own principal I just set. What is going on here? I am new to the .Net role-based security in generial and the identiy/principal in perticular. Does this problem has anything to do with the fact that the remoting server is hosted by IIS? Can someone tell me what I am doing wrong and how to correct this? Thanks a million! Sept. 28, 2006
What is the mode of your remoting object - SingleCall or Singleton? .... If it is singlecall, then there is a unique remoting object for each call and not for each session - which means if you replace the principal on one, then it shouldn't affect the next call. Without more info, what I can say is probably you're somehow going to have to set the principal every time, or make sure you remoting object is actually the same one "living" which you changed the principal for... and wasn't timed-out due to inactivity or something. Hope this helps! -- Show quoteHide quoteJoseph Bittman Microsoft Certified Solution Developer Microsoft Most Valuable Professional -- DPM Blog/Web Site: http://CactiDevelopers.ResDev.Net/ "Feng" <F***@discussions.microsoft.com> wrote in message news:F71023DF-A4FC-4C1B-99C5-E19A66DFC0E9@microsoft.com... > Hi, > > I have a VB.Net Windows form based user authentication system. The form > authenticates the user info against a server through Remoting that is > hosted > by IIS. The authentication process runs well all the time. Once the > authentication is done, I set up my customized identity and principal and > set > the principal to the current thread on the server before returning the > call > back to the client. > > The thing that suprises me is that, when my client gets back to the server > the next time (client gets back through a remoting reference to the same > server object that did the authentication), the security principal of the > current thread on the server has changed! It went back to Windows > principal > again, instead of my own principal I just set. > > What is going on here? I am new to the .Net role-based security in > generial > and the identiy/principal in perticular. Does this problem has anything to > do > with the fact that the remoting server is hosted by IIS? Can someone tell > me > what I am doing wrong and how to correct this? > > Thanks a million! > 
Other interesting topics
Using remoting features inside a .NET applet loaded in a tag object
Sending signed and encrypted email. Configuration Tool missing .NET 2.0: SetAccessControl wipe out inherited ACEs deserialize and "medium trust" remote registry access issue on Vista RC1 Drag and Drop Outlook email to Dot Net Framework application? EnvironmentPermission ASN1 unexpected end of data Problems with code access security policy |
|||||||||||||||||||||||
