473,224 Members | 1,473 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,224 software developers and data experts.

.NET Remoting and Credential Caching

I have a client/server application that utilizes Impersonation on a TCP
Channel. So I create the channel with the version of the constructor
that takes an IDictionary of channel properties, and specify
"impersonate = true".

OK great - everything works - I can confirm on the server that the
process runs in the context of the user that is making the remote call
from the client.

However, I also want to give the user the ability to specify the
credentials to use - so in the user interface I give a checkbox that
says "Use pass-thru authentication" and if they check it, it runs as
above, and if the uncheck it they can enter a username, password, and
domain, which I then specify in the channel properties of the same name.

OK great - this works too... I can specify the username and password,
and verify on the server that the connection runs as the user I've
specified.

BUT... when I switch between the two in the same instance of the
application, only the FIRST connection's credentials get used. So if I
select "Use Pass-thru" then on the server it shows the user that I'm
running the client as. If I then disconnect (and yes, I also Unregister
the channel), then change the option to specify the username and
password, and then reconnect, the connection is still successful, but as
the user that I'm running as. In fact, I can put anything I want, even
an invalid username and/or password, and it still connects as the user
I'm running as. It works the same way if I first connect as a specified
user - subsequent requests to connect with pass-thru authenticate only
as the user I entered.

Obviously there is some credential caching going on here... Is there a
way to disable this? I'm aware of socket caching, which I believe I
have disabled (using 'socketCacheTimeout=0' and
socketCachePolicy=absoluteTimeout') but it appears to still be caching
the credentials. I am also unregistering the channel before I re-
register the TCP channel with the new properties.

Any help? Thanks!

-mdb
Oct 15 '07 #1
2 1956

"Michael Bray" <mb*****************@you.figure.it.out.comwrote in message
news:Xn****************************@207.46.248.16. ..
>I have a client/server application that utilizes Impersonation on a TCP
Channel. So I create the channel with the version of the constructor
that takes an IDictionary of channel properties, and specify
"impersonate = true".

OK great - everything works - I can confirm on the server that the
process runs in the context of the user that is making the remote call
from the client.

However, I also want to give the user the ability to specify the
credentials to use - so in the user interface I give a checkbox that
says "Use pass-thru authentication" and if they check it, it runs as
above, and if the uncheck it they can enter a username, password, and
domain, which I then specify in the channel properties of the same name.

OK great - this works too... I can specify the username and password,
and verify on the server that the connection runs as the user I've
specified.

BUT... when I switch between the two in the same instance of the
application, only the FIRST connection's credentials get used. So if I
select "Use Pass-thru" then on the server it shows the user that I'm
running the client as. If I then disconnect (and yes, I also Unregister
the channel), then change the option to specify the username and
password, and then reconnect, the connection is still successful, but as
the user that I'm running as. In fact, I can put anything I want, even
an invalid username and/or password, and it still connects as the user
I'm running as. It works the same way if I first connect as a specified
user - subsequent requests to connect with pass-thru authenticate only
as the user I entered.

Obviously there is some credential caching going on here... Is there a
way to disable this? I'm aware of socket caching, which I believe I
have disabled (using 'socketCacheTimeout=0' and
socketCachePolicy=absoluteTimeout') but it appears to still be caching
the credentials. I am also unregistering the channel before I re-
register the TCP channel with the new properties.

Any help? Thanks!
I myself think you need to abandon this credential checking using the
Remoting application. It may come down to using one or the other but not
both. The one .Net Remoting application I have written was using SQL Server
table authentication using a user-id and password. Sometimes, it's best just
to keep things simple.

Oct 16 '07 #2
"Mr. Arnold" <MR. Ar****@Arnold.comwrote in
news:#v**************@TK2MSFTNGP02.phx.gbl:
I myself think you need to abandon this credential checking using the
Remoting application. It may come down to using one or the other but
not both. The one .Net Remoting application I have written was using
SQL Server table authentication using a user-id and password.
Sometimes, it's best just to keep things simple.
Unfortunately it is a requirement to support both. I know there must be a
solution buried deep down in the framework somewhere.

-mdb
Oct 16 '07 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Ken Foster | last post by:
I built some remote services, a couple singletons and one single call. On the client side I thought I'd save on connection latency by caching the remote connection in a shared variable. Create it...
15
by: Ron L | last post by:
We are working on a distributed VB.Net application which will access a SQL database located on a known server. Each client will run on the user's local machine. To implement this, we are trying...
1
by: Michael Bray | last post by:
Ok guys here's a tough one... I have a client/server application that uses remoting for communication. I am using Activator.GetObject to create a remoting instance with an URL that specifies the...
1
by: moi | last post by:
Hello, I try to make a login.aspx page to login an Active directory's user and i have a 1315 Web event Error in Windows server 2003 application's log with this error : 4006 Membership credentiel...
1
by: Tedmond | last post by:
Dear all, I wrote a function to use WebClient to retrieve information from the Web. It worked fine. However, the proxy setting of our firm has been changed. Proxy authentication is required now...
1
by: adiel_g | last post by:
Does anyone know how to remove the required credential check for a web service in VS2005? There should be an option to remove the required credential check since I will be running the service...
0
by: Hayato Iriumi | last post by:
Hello, I poked around System.Threading.Thread and System.Net.NetworkCredential to see if I could run a thread with a different credential from the credential that the executable is running under....
2
by: bobsmith | last post by:
I've used remoting before for simple tasks, but I'd like to use it for something new and I'm not sure if it's the best method, and if so, how to do it. Basically I have a program that runs...
0
by: Kristian Reukauff | last post by:
Hi I have a problem with the .Net-Securty-Functions. I've got a client and a server. When I try to register a channel at the server with this line: ChannelServices.RegisterChannel(chan, false);...
0
by: veera ravala | last post by:
ServiceNow is a powerful cloud-based platform that offers a wide range of services to help organizations manage their workflows, operations, and IT services more efficiently. At its core, ServiceNow...
0
by: VivesProcSPL | last post by:
Obviously, one of the original purposes of SQL is to make data query processing easy. The language uses many English-like terms and syntax in an effort to make it easy to learn, particularly for...
3
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 3 Jan 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). For other local times, please check World Time Buddy In...
0
by: jianzs | last post by:
Introduction Cloud-native applications are conventionally identified as those designed and nurtured on cloud infrastructure. Such applications, rooted in cloud technologies, skillfully benefit from...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.