|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
TcpChannel under .NET 2.0Dear all,
I have read that with TcpChannel under 2.0 client credential are pass throught the server remoting object. How can you then retrive from your server the passed credential issue by the client ? thnaks for help regards serge Have a look here:
http://www.leastprivilege.com/SecureRemotingConfigurationSettings.aspx http://www.leastprivilege.com/SecureRemoting.aspx ----- Dominick Baier (http://www.leastprivilege.com) Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp) Show quoteHide quote > Dear all, > > I have read that with TcpChannel under 2.0 client credential are pass > throught the server remoting object. How can you then retrive from > your server the passed credential issue by the client ? > > thnaks for help > regards > serge Hello,
I have ccheck your sample I cannot make it work... The server start properly but the client crash right a way :-( IN the configuration seetins you mentionned that smae thing need to be apply from client side but in which form ? I have test it but not ablée to see my client credential... For instance, from my client I ma login as BOB, BOB is calling the remote compoenent host by a Windows Service, then from my remote server I would like to receive BOB and verifiy that it belongs to proper groups for SQL authentification Is it what those settings are suppose to do ? regards serge Show quoteHide quote "Dominick Baier" wrote: > Have a look here: > > http://www.leastprivilege.com/SecureRemotingConfigurationSettings.aspx > http://www.leastprivilege.com/SecureRemoting.aspx > > ----- > Dominick Baier (http://www.leastprivilege.com) > > Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp) > > > Dear all, > > > > I have read that with TcpChannel under 2.0 client credential are pass > > throught the server remoting object. How can you then retrive from > > your server the passed credential issue by the client ? > > > > thnaks for help > > regards > > serge > > > exception?
----- Dominick Baier (http://www.leastprivilege.com) Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp) Show quoteHide quote > Hello, > > I have ccheck your sample I cannot make it work... The server start > properly but the client crash right a way :-( > > IN the configuration seetins you mentionned that smae thing need to be > apply from client side but in which form ? > > I have test it but not ablée to see my client credential... > For instance, from my client I ma login as BOB, BOB is calling the > remote > compoenent host by a Windows Service, then from my remote server I > would like > to receive BOB and verifiy that it belongs to proper groups for SQL > authentification > Is it what those settings are suppose to do ? > regards > serge > "Dominick Baier" wrote: > >> Have a look here: >> >> http://www.leastprivilege.com/SecureRemotingConfigurationSettings.asp >> x http://www.leastprivilege.com/SecureRemoting.aspx >> >> ----- >> Dominick Baier (http://www.leastprivilege.com) >> Developing More Secure Microsoft ASP.NET 2.0 Applications >> (http://www.microsoft.com/mspress/books/9989.asp) >> >>> Dear all, >>> >>> I have read that with TcpChannel under 2.0 client credential are >>> pass throught the server remoting object. How can you then retrive >>> from your server the passed credential issue by the client ? >>> >>> thnaks for help >>> regards >>> serge no, the kiind of windows that you get when for instance an aplication is nt
responding anymore. :-( Do the links you mention shoudl give me possibility to pass BOB until my back end. ? I googl somthing around this but not well documented at all. Even on TcpChannls Show quoteHide quote :-( "Dominick Baier" wrote: > exception? > > > ----- > Dominick Baier (http://www.leastprivilege.com) > > Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp) > > > Hello, > > > > I have ccheck your sample I cannot make it work... The server start > > properly but the client crash right a way :-( > > > > IN the configuration seetins you mentionned that smae thing need to be > > apply from client side but in which form ? > > > > I have test it but not ablée to see my client credential... > > For instance, from my client I ma login as BOB, BOB is calling the > > remote > > compoenent host by a Windows Service, then from my remote server I > > would like > > to receive BOB and verifiy that it belongs to proper groups for SQL > > authentification > > Is it what those settings are suppose to do ? > > regards > > serge > > "Dominick Baier" wrote: > > > >> Have a look here: > >> > >> http://www.leastprivilege.com/SecureRemotingConfigurationSettings.asp > >> x http://www.leastprivilege.com/SecureRemoting.aspx > >> > >> ----- > >> Dominick Baier (http://www.leastprivilege.com) > >> Developing More Secure Microsoft ASP.NET 2.0 Applications > >> (http://www.microsoft.com/mspress/books/9989.asp) > >> > >>> Dear all, > >>> > >>> I have read that with TcpChannel under 2.0 client credential are > >>> pass throught the server remoting object. How can you then retrive > >>> from your server the passed credential issue by the client ? > >>> > >>> thnaks for help > >>> regards > >>> serge > > > Runing your sample generate the following exception:
The type initializer for 'System.Runtime.Remoting.Identity' threw an exception. System.TypeInitializationException was unhandled Message="The type initializer for 'System.Runtime.Remoting.Identity' threw an exception." Source="mscorlib" TypeName="System.Runtime.Remoting.Identity" StackTrace: Server stack trace: at System.Runtime.Remoting.Identity.RemoveAppNameOrAppGuidIfNecessary(String uri) at System.Runtime.Remoting.IdentityHolder.ResolveIdentity(String URI) at System.Runtime.Remoting.RemotingServices.GetServerTypeForUri(String URI) at System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at LeastPrivilege.Demos.SecureRemoting.ISharedInterface.HelloWorld(String input) at LeastPrivilege.Demos.SecureRemoting.ClientApp.Main() in C:\Users\cal\Downloads\SecureRemoting\Client\Client.cs:line 19 at System.AppDomain.nExecuteAssembly(Assembly assembly, String[] args) at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly() at System.Threading.ThreadHelper.ThreadStart_Context(Object state) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Threading.ThreadHelper.ThreadStart() serge Show quoteHide quote "Dominick Baier" wrote: > exception? > > > ----- > Dominick Baier (http://www.leastprivilege.com) > > Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp) > > > Hello, > > > > I have ccheck your sample I cannot make it work... The server start > > properly but the client crash right a way :-( > > > > IN the configuration seetins you mentionned that smae thing need to be > > apply from client side but in which form ? > > > > I have test it but not ablée to see my client credential... > > For instance, from my client I ma login as BOB, BOB is calling the > > remote > > compoenent host by a Windows Service, then from my remote server I > > would like > > to receive BOB and verifiy that it belongs to proper groups for SQL > > authentification > > Is it what those settings are suppose to do ? > > regards > > serge > > "Dominick Baier" wrote: > > > >> Have a look here: > >> > >> http://www.leastprivilege.com/SecureRemotingConfigurationSettings.asp > >> x http://www.leastprivilege.com/SecureRemoting.aspx > >> > >> ----- > >> Dominick Baier (http://www.leastprivilege.com) > >> Developing More Secure Microsoft ASP.NET 2.0 Applications > >> (http://www.microsoft.com/mspress/books/9989.asp) > >> > >>> Dear all, > >>> > >>> I have read that with TcpChannel under 2.0 client credential are > >>> pass throught the server remoting object. How can you then retrive > >>> from your server the passed credential issue by the client ? > >>> > >>> thnaks for help > >>> regards > >>> serge > > > I just tried the download - not sure whats wrong - it works on my machine
(which is a different machine than i used to originally write the sample...) ----- Dominick Baier (http://www.leastprivilege.com) Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp) Show quoteHide quote > Runing your sample generate the following exception: > > The type initializer for 'System.Runtime.Remoting.Identity' threw an > exception. > System.TypeInitializationException was unhandled > Message="The type initializer for 'System.Runtime.Remoting.Identity' > threw > an exception." > Source="mscorlib" > TypeName="System.Runtime.Remoting.Identity" > StackTrace: > Server stack trace: > at > System.Runtime.Remoting.Identity.RemoveAppNameOrAppGuidIfNecessary(Str > ing uri) > at > System.Runtime.Remoting.IdentityHolder.ResolveIdentity(String URI) > at > System.Runtime.Remoting.RemotingServices.GetServerTypeForUri(String > URI) > at > System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMess > age(IServerChannelSinkStack > sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, > Stream > requestStream, IMessage& responseMsg, ITransportHeaders& > responseHeaders, > Stream& responseStream) > Exception rethrown at [0]: > at > System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage > reqMsg, IMessage retMsg) > at > System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& > msgData, > Int32 type) > at > LeastPrivilege.Demos.SecureRemoting.ISharedInterface.HelloWorld(String > input) > at LeastPrivilege.Demos.SecureRemoting.ClientApp.Main() in > C:\Users\cal\Downloads\SecureRemoting\Client\Client.cs:line 19 > at System.AppDomain.nExecuteAssembly(Assembly assembly, > String[] args) > at System.AppDomain.ExecuteAssembly(String assemblyFile, > Evidence > assemblySecurity, String[] args) > at > Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly() > at System.Threading.ThreadHelper.ThreadStart_Context(Object > state) > at System.Threading.ExecutionContext.Run(ExecutionContext > executionContext, ContextCallback callback, Object state) > at System.Threading.ThreadHelper.ThreadStart() > serge > "Dominick Baier" wrote: >> exception? >> >> ----- >> Dominick Baier (http://www.leastprivilege.com) >> Developing More Secure Microsoft ASP.NET 2.0 Applications >> (http://www.microsoft.com/mspress/books/9989.asp) >> >>> Hello, >>> >>> I have ccheck your sample I cannot make it work... The server start >>> properly but the client crash right a way :-( >>> >>> IN the configuration seetins you mentionned that smae thing need to >>> be apply from client side but in which form ? >>> >>> I have test it but not ablée to see my client credential... >>> For instance, from my client I ma login as BOB, BOB is calling the >>> remote >>> compoenent host by a Windows Service, then from my remote server I >>> would like >>> to receive BOB and verifiy that it belongs to proper groups for SQL >>> authentification >>> Is it what those settings are suppose to do ? >>> regards >>> serge >>> "Dominick Baier" wrote: >>>> Have a look here: >>>> >>>> http://www.leastprivilege.com/SecureRemotingConfigurationSettings.a >>>> sp x http://www.leastprivilege.com/SecureRemoting.aspx >>>> >>>> ----- >>>> Dominick Baier (http://www.leastprivilege.com) >>>> Developing More Secure Microsoft ASP.NET 2.0 Applications >>>> (http://www.microsoft.com/mspress/books/9989.asp) >>>>> Dear all, >>>>> >>>>> I have read that with TcpChannel under 2.0 client credential are >>>>> pass throught the server remoting object. How can you then retrive >>>>> from your server the passed credential issue by the client ? >>>>> >>>>> thnaks for help >>>>> regards >>>>> serge oky there is one different on the way I ma using it.
in your sample as you are referencing to an endpoint with .rem extension, I guest you host your remote object under IIS ? For my case I made the test using tcp and host my remote under Windows service and my endpoint is without .rem extension regards serge Show quoteHide quote "Dominick Baier" wrote: > I just tried the download - not sure whats wrong - it works on my machine > (which is a different machine than i used to originally write the sample...) > > > ----- > Dominick Baier (http://www.leastprivilege.com) > > Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp) > > > Runing your sample generate the following exception: > > > > The type initializer for 'System.Runtime.Remoting.Identity' threw an > > exception. > > System.TypeInitializationException was unhandled > > Message="The type initializer for 'System.Runtime.Remoting.Identity' > > threw > > an exception." > > Source="mscorlib" > > TypeName="System.Runtime.Remoting.Identity" > > StackTrace: > > Server stack trace: > > at > > System.Runtime.Remoting.Identity.RemoveAppNameOrAppGuidIfNecessary(Str > > ing uri) > > at > > System.Runtime.Remoting.IdentityHolder.ResolveIdentity(String URI) > > at > > System.Runtime.Remoting.RemotingServices.GetServerTypeForUri(String > > URI) > > at > > System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMess > > age(IServerChannelSinkStack > > sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, > > Stream > > requestStream, IMessage& responseMsg, ITransportHeaders& > > responseHeaders, > > Stream& responseStream) > > Exception rethrown at [0]: > > at > > System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage > > reqMsg, IMessage retMsg) > > at > > System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& > > msgData, > > Int32 type) > > at > > LeastPrivilege.Demos.SecureRemoting.ISharedInterface.HelloWorld(String > > input) > > at LeastPrivilege.Demos.SecureRemoting.ClientApp.Main() in > > C:\Users\cal\Downloads\SecureRemoting\Client\Client.cs:line 19 > > at System.AppDomain.nExecuteAssembly(Assembly assembly, > > String[] args) > > at System.AppDomain.ExecuteAssembly(String assemblyFile, > > Evidence > > assemblySecurity, String[] args) > > at > > Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly() > > at System.Threading.ThreadHelper.ThreadStart_Context(Object > > state) > > at System.Threading.ExecutionContext.Run(ExecutionContext > > executionContext, ContextCallback callback, Object state) > > at System.Threading.ThreadHelper.ThreadStart() > > serge > > "Dominick Baier" wrote: > >> exception? > >> > >> ----- > >> Dominick Baier (http://www.leastprivilege.com) > >> Developing More Secure Microsoft ASP.NET 2.0 Applications > >> (http://www.microsoft.com/mspress/books/9989.asp) > >> > >>> Hello, > >>> > >>> I have ccheck your sample I cannot make it work... The server start > >>> properly but the client crash right a way :-( > >>> > >>> IN the configuration seetins you mentionned that smae thing need to > >>> be apply from client side but in which form ? > >>> > >>> I have test it but not ablée to see my client credential... > >>> For instance, from my client I ma login as BOB, BOB is calling the > >>> remote > >>> compoenent host by a Windows Service, then from my remote server I > >>> would like > >>> to receive BOB and verifiy that it belongs to proper groups for SQL > >>> authentification > >>> Is it what those settings are suppose to do ? > >>> regards > >>> serge > >>> "Dominick Baier" wrote: > >>>> Have a look here: > >>>> > >>>> http://www.leastprivilege.com/SecureRemotingConfigurationSettings.a > >>>> sp x http://www.leastprivilege.com/SecureRemoting.aspx > >>>> > >>>> ----- > >>>> Dominick Baier (http://www.leastprivilege.com) > >>>> Developing More Secure Microsoft ASP.NET 2.0 Applications > >>>> (http://www.microsoft.com/mspress/books/9989.asp) > >>>>> Dear all, > >>>>> > >>>>> I have read that with TcpChannel under 2.0 client credential are > >>>>> pass throught the server remoting object. How can you then retrive > >>>>> from your server the passed credential issue by the client ? > >>>>> > >>>>> thnaks for help > >>>>> regards > >>>>> serge > > > as in the sample - i host in a console app - the endpoint is not really necessary.
try a console host first - makes debugging a lot easier ... ----- Dominick Baier (http://www.leastprivilege.com) Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp) Show quoteHide quote > oky there is one different on the way I ma using it. > in your sample as you are referencing to an endpoint with .rem > extension, I > guest you host your remote object under IIS ? > For my case I made the test using tcp and host my remote under Windows > service and my endpoint is without .rem extension > > regards > serge > "Dominick Baier" wrote: > >> I just tried the download - not sure whats wrong - it works on my >> machine (which is a different machine than i used to originally write >> the sample...) >> >> ----- >> Dominick Baier (http://www.leastprivilege.com) >> Developing More Secure Microsoft ASP.NET 2.0 Applications >> (http://www.microsoft.com/mspress/books/9989.asp) >> >>> Runing your sample generate the following exception: >>> >>> The type initializer for 'System.Runtime.Remoting.Identity' threw an >>> exception. >>> System.TypeInitializationException was unhandled >>> Message="The type initializer for 'System.Runtime.Remoting.Identity' >>> threw >>> an exception." >>> Source="mscorlib" >>> TypeName="System.Runtime.Remoting.Identity" >>> StackTrace: >>> Server stack trace: >>> at >>> System.Runtime.Remoting.Identity.RemoveAppNameOrAppGuidIfNecessary(S >>> tr >>> ing uri) >>> at >>> System.Runtime.Remoting.IdentityHolder.ResolveIdentity(String URI) >>> at >>> System.Runtime.Remoting.RemotingServices.GetServerTypeForUri(String >>> URI) >>> at >>> System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMe >>> ss >>> age(IServerChannelSinkStack >>> sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, >>> Stream >>> requestStream, IMessage& responseMsg, ITransportHeaders& >>> responseHeaders, >>> Stream& responseStream) >>> Exception rethrown at [0]: >>> at >>> System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessa >>> ge >>> reqMsg, IMessage retMsg) >>> at >>> System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& >>> msgData, >>> Int32 type) >>> at >>> LeastPrivilege.Demos.SecureRemoting.ISharedInterface.HelloWorld(Stri >>> ng >>> input) >>> at LeastPrivilege.Demos.SecureRemoting.ClientApp.Main() in >>> C:\Users\cal\Downloads\SecureRemoting\Client\Client.cs:line 19 >>> at System.AppDomain.nExecuteAssembly(Assembly assembly, >>> String[] args) >>> at System.AppDomain.ExecuteAssembly(String assemblyFile, >>> Evidence >>> assemblySecurity, String[] args) >>> at >>> Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly() >>> at System.Threading.ThreadHelper.ThreadStart_Context(Object >>> state) >>> at System.Threading.ExecutionContext.Run(ExecutionContext >>> executionContext, ContextCallback callback, Object state) >>> at System.Threading.ThreadHelper.ThreadStart() >>> serge >>> "Dominick Baier" wrote: >>>> exception? >>>> >>>> ----- >>>> Dominick Baier (http://www.leastprivilege.com) >>>> Developing More Secure Microsoft ASP.NET 2.0 Applications >>>> (http://www.microsoft.com/mspress/books/9989.asp) >>>>> Hello, >>>>> >>>>> I have ccheck your sample I cannot make it work... The server >>>>> start properly but the client crash right a way :-( >>>>> >>>>> IN the configuration seetins you mentionned that smae thing need >>>>> to be apply from client side but in which form ? >>>>> >>>>> I have test it but not ablée to see my client credential... >>>>> For instance, from my client I ma login as BOB, BOB is calling the >>>>> remote >>>>> compoenent host by a Windows Service, then from my remote server I >>>>> would like >>>>> to receive BOB and verifiy that it belongs to proper groups for >>>>> SQL >>>>> authentification >>>>> Is it what those settings are suppose to do ? >>>>> regards >>>>> serge >>>>> "Dominick Baier" wrote: >>>>>> Have a look here: >>>>>> >>>>>> http://www.leastprivilege.com/SecureRemotingConfigurationSettings >>>>>> .a sp x http://www.leastprivilege.com/SecureRemoting.aspx >>>>>> >>>>>> ----- >>>>>> Dominick Baier (http://www.leastprivilege.com) >>>>>> Developing More Secure Microsoft ASP.NET 2.0 Applications >>>>>> (http://www.microsoft.com/mspress/books/9989.asp) >>>>>>> Dear all, >>>>>>> >>>>>>> I have read that with TcpChannel under 2.0 client credential >>>>>>> are pass throught the server remoting object. How can you then >>>>>>> retrive from your server the passed credential issue by the >>>>>>> client ? >>>>>>> >>>>>>> thnaks for help >>>>>>> regards >>>>>>> serge 
Other interesting topics
LDAP Binding
FullTrust Assemblies Triple DES keys distribution X509 signed xml validates in .NET 2.0 but not in 1.1 Open Ports 21,22,23,80 Running a console application in Windows Scheduler - .NET Runtime Error EventID: 5000 Checking if User is in Role Acced Adctive Directory in separate domain PermissionSetAttribute XmlSerialization Cannot encrypt web.config appSettings on virtual directory |
|||||||||||||||||||||||
