I have a client/server application that utilizes Impersonation on a TCP
Channel. So I create the channel with the version of the constructor
that takes an IDictionary of channel properties, and specify
"impersonate = true".
OK great - everything works - I can confirm on the server that the
process runs in the context of the user that is making the remote call
from the client.
However, I also want to give the user the ability to specify the
credentials to use - so in the user interface I give a checkbox that
says "Use pass-thru authentication" and if they check it, it runs as
above, and if the uncheck it they can enter a username, password, and
domain, which I then specify in the channel properties of the same name.
OK great - this works too... I can specify the username and password,
and verify on the server that the connection runs as the user I've
specified.
BUT... when I switch between the two in the same instance of the
application, only the FIRST connection's credentials get used. So if I
select "Use Pass-thru" then on the server it shows the user that I'm
running the client as. If I then disconnect (and yes, I also Unregister
the channel), then change the option to specify the username and
password, and then reconnect, the connection is still successful, but as
the user that I'm running as. In fact, I can put anything I want, even
an invalid username and/or password, and it still connects as the user
I'm running as. It works the same way if I first connect as a specified
user - subsequent requests to connect with pass-thru authenticate only
as the user I entered.
Obviously there is some credential caching going on here... Is there a
way to disable this? I'm aware of socket caching, which I believe I
have disabled (using 'socketCacheTimeout=0' and
socketCachePolicy=absoluteTimeout') but it appears to still be caching
the credentials. I am also unregistering the channel before I re-
register the TCP channel with the new properties.
Any help? Thanks!
-mdb
2  1962 
"Michael Bray" <mb*****************@you.figure.it.out.comwrote in message
news:Xn****************************@207.46.248.16. ..
>I have a client/server application that utilizes Impersonation on a TCP
Channel. So I create the channel with the version of the constructor
that takes an IDictionary of channel properties, and specify
"impersonate = true".
OK great - everything works - I can confirm on the server that the
process runs in the context of the user that is making the remote call
from the client.
However, I also want to give the user the ability to specify the
credentials to use - so in the user interface I give a checkbox that
says "Use pass-thru authentication" and if they check it, it runs as
above, and if the uncheck it they can enter a username, password, and
domain, which I then specify in the channel properties of the same name.
OK great - this works too... I can specify the username and password,
and verify on the server that the connection runs as the user I've
specified.
BUT... when I switch between the two in the same instance of the
application, only the FIRST connection's credentials get used. So if I
select "Use Pass-thru" then on the server it shows the user that I'm
running the client as. If I then disconnect (and yes, I also Unregister
the channel), then change the option to specify the username and
password, and then reconnect, the connection is still successful, but as
the user that I'm running as. In fact, I can put anything I want, even
an invalid username and/or password, and it still connects as the user
I'm running as. It works the same way if I first connect as a specified
user - subsequent requests to connect with pass-thru authenticate only
as the user I entered.
Obviously there is some credential caching going on here... Is there a
way to disable this? I'm aware of socket caching, which I believe I
have disabled (using 'socketCacheTimeout=0' and
socketCachePolicy=absoluteTimeout') but it appears to still be caching
the credentials. I am also unregistering the channel before I re-
register the TCP channel with the new properties.
Any help? Thanks!
I myself think you need to abandon this credential checking using the
Remoting application. It may come down to using one or the other but not
both. The one .Net Remoting application I have written was using SQL Server
table authentication using a user-id and password. Sometimes, it's best just
to keep things simple.
"Mr. Arnold" <MR. Ar****@Arnold.comwrote in
news:#v**************@TK2MSFTNGP02.phx.gbl:
I myself think you need to abandon this credential checking using the
Remoting application. It may come down to using one or the other but
not both. The one .Net Remoting application I have written was using
SQL Server table authentication using a user-id and password.
Sometimes, it's best just to keep things simple.
Unfortunately it is a requirement to support both. I know there must be a
solution buried deep down in the framework somewhere.
-mdb This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Ken Foster |
last post by:
I built some remote services, a couple singletons and one single call. On the
client side I thought I'd save on connection latency by caching the remote
connection in a shared variable. Create it...
|
by: Ron L |
last post by:
We are working on a distributed VB.Net application which will access a SQL
database located on a known server. Each client will run on the user's
local machine. To implement this, we are trying...
|
by: Michael Bray |
last post by:
Ok guys here's a tough one... I have a client/server application that
uses remoting for communication. I am using Activator.GetObject to create
a remoting instance with an URL that specifies the...
|
by: moi |
last post by:
Hello,
I try to make a login.aspx page to login an Active directory's user and i have a 1315 Web event Error in Windows server 2003 application's log with this error : 4006 Membership credentiel...
|
by: Tedmond |
last post by:
Dear all,
I wrote a function to use WebClient to retrieve information from the Web.
It worked fine. However, the proxy setting of our firm has been changed.
Proxy authentication is required now...
|
by: adiel_g |
last post by:
Does anyone know how to remove the required credential check for a web
service in VS2005?
There should be an option to remove the required credential check
since I will be running the
service...
|
by: Hayato Iriumi |
last post by:
Hello,
I poked around System.Threading.Thread and
System.Net.NetworkCredential to see if I could run a thread with a
different credential from the credential that the executable is
running under....
|
by: bobsmith |
last post by:
I've used remoting before for simple tasks, but I'd like to use it for something new and I'm not sure if it's the best method, and if so, how to do it. Basically I have a program that runs...
|
by: Kristian Reukauff |
last post by:
Hi
I have a problem with the .Net-Securty-Functions.
I've got a client and a server.
When I try to register a channel at the server with this line:
ChannelServices.RegisterChannel(chan, false);...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
