Windows authentication over remoting... possible?

Hi,

I have to develop an application that will consist of a service and a
windows forms application... the service could be on a distant server but I
need to authenticate the user as being part of the same domain. so when the
application starts, I can send something to the remote service and query for
some objects and the service can give me the objects if I'm the right user
(part of the right group). I don't want to send username and password nor
password hash over the network so if there is a better way (just like SQL
server does or many other apps), I would like to know it (maybe if you have
a link)

Thanks

ThunderMusic
Jul 6 '06 #1
ThunderMusic,

Not easily. You can host your remoted objects in IIS, and then it would
use the authentication mechanism that you have configured in IIS.

Also, I believe this will force you to design your objects in a certain
way (for stateless calls, since the mechanism for HTTP is stateless). I
could be wrong here.

I would honestly not use or recommend remoting as a distributed object
technology. If you have to develop your app now (meaning, get it out the
door tomorrow), then I would suggest using COM+/Enterprise Services.

If you have some time to spare, and don't mind developing with
pre-release software, I would look into Windows Communication Foundation.

Either way, remoting is a dead-end in my book.

Hope this helps.

--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
Jul 6 '06 #2
Hi ThunderMusic,

This may be of help:

<UrlWillWrap>
http://msdn.microsoft.com/library/de...SecNetch11.asp
</UrlWillWrap>

--
Hope this helps,
Tom Spink
Jul 6 '06 #3
Ok, I found the WindowsPrincipal class, and it's serializable. Does an
instance of this class guarantee the user is logged on a computer and has
been authenticated or is there a way to query the domain server if the user
is a rightful user? I mean, I must be sure the user making the request (or
query) is who he claims to be and is logged on the domain. My app does not
allow impersonation, but I don't want anybody trying to impersonate
someone on my network and claim being, let's say, the president of the
company and start making anything he wants with the remote objects... you
know what I mean? I need a way to secure things so only an authenticated
user or a user I can authenticate can have access to the objects the service
is providing. And I definitely need to know the domain groups this user
belongs to...

Thanks

ThunderMusic
Jul 6 '06 #4
ThunderMusic,

Unfortunately, no, it does not allow that. All it is is a
representation of a user. Anyone could theoretically make one and send it
to you. It doesn't tell you if it is logged on or not.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
Jul 6 '06 #5
Just check on the client, put a strong name on the client. You can even do
some link demands.

Schneider
Jul 6 '06 #6
ok, so is there a way I can get the token Windows sends us when we log on and
send it to my service so the service can verify with the domain server if
this token is valid?

thanks

ThunderMusic
Jul 6 '06 #7
ok, I answered a part of my question :
System.Security.Principal.WindowsIdentity.GetCurrent().Token .... So now is
there a way I can deal with this in my service? can I send the Windows
Identity instance over remoting?

thanks

ThunderMusic
Jul 6 '06 #8
ThunderMusic,

I have to ask, why not use one of the two solutions I posted earlier?
Trying to do this yourself will lead to a good number of holes in your
solution.

--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
Jul 6 '06 #9
You may want to investigate the MSDN sample about using SSPI with remoting,
it should do exactly what you are wanting to do
http://msdn.microsoft.com/webservice...ml/remsspi.asp

-Robert
Jul 6 '06 #10
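
The SSPI route suggested in the last reply, as an added example that is not part of any post in this thread and is not the MSDN sample: the server takes the caller's identity from the Negotiate (Kerberos/NTLM) handshake instead of from a principal object the client sends, then checks group membership itself. It assumes Windows and .NET 2.0 or later, uses `NegotiateStream` over a plain TCP socket rather than a remoting channel, runs client and server in one process on loopback, and `RequiredGroup` is a placeholder.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Principal;
using System.Threading;

static class SspiAuthDemo
{
    // Assumption: placeholder group so the demo runs on any Windows machine.
    // Replace with the domain group allowed to read the service's objects.
    const string RequiredGroup = @"BUILTIN\Users";

    static void Main()
    {
        TcpListener listener = new TcpListener(IPAddress.Loopback, 0);
        listener.Start();
        int port = ((IPEndPoint)listener.LocalEndpoint).Port;
        Thread server = new Thread(delegate() { Serve(listener); });
        server.Start();

        using (TcpClient tcp = new TcpClient())
        {
            tcp.Connect(IPAddress.Loopback, port);
            using (NegotiateStream auth = new NegotiateStream(tcp.GetStream(), false))
            {
                // Authenticates as the logged-on user with default credentials.
                // The password is never sent; identity is proven through the
                // Kerberos or NTLM exchange. Defaults: Identification-level
                // token, traffic signed and encrypted.
                auth.AuthenticateAsClient();
                byte[] reply = new byte[1];
                int n = auth.Read(reply, 0, 1);
                Console.WriteLine("client: access {0}",
                    n == 1 && reply[0] == 1 ? "granted" : "denied");
            }
        }
        server.Join();
        listener.Stop();
    }

    static void Serve(TcpListener listener)
    {
        using (TcpClient conn = listener.AcceptTcpClient())
        using (NegotiateStream auth = new NegotiateStream(conn.GetStream(), false))
        {
            try
            {
                auth.AuthenticateAsServer();
            }
            catch (AuthenticationException e)
            {
                Console.WriteLine("server: handshake rejected: {0}", e.Message);
                return;
            }

            // The identity comes from the security context the handshake
            // built on this machine, not from data the client serialized.
            WindowsIdentity caller = auth.RemoteIdentity as WindowsIdentity;
            bool trusted = caller != null && caller.IsAuthenticated
                           && !caller.IsAnonymous && !caller.IsGuest
                           && auth.IsEncrypted && auth.IsSigned;
            bool allowed = trusted
                           && new WindowsPrincipal(caller).IsInRole(RequiredGroup);

            Console.WriteLine("server: caller={0} scheme={1} allowed={2}",
                caller == null ? "(none)" : caller.Name,
                caller == null ? "-" : caller.AuthenticationType,
                allowed);

            // One-byte verdict; a real service would gate each call on it.
            auth.Write(new byte[] { (byte)(allowed ? 1 : 0) }, 0, 1);
        }
    }
}
```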
