473,231 Members | 1,987 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,231 software developers and data experts.

Remoting, IIS, Binary Formatter

I am working on a VB.NET application that uses remoting hosted inside on IIS.
I chose the binary formatter for this application because the only clients
that will be connecting to it are .NET based, as well as the fact that is
fast. My SQL database holds a table of users, passwords, and roles. With an
ASP.net application I can easily do a User.IsInRole("somerole") because of
forms authentication and keeping the roles info in an encrypted cookie. What
would be the best way for doing the same type of thing when hosting a remoted
object in IIS? Would I pass some encrypted credentials each time back to the
server, do a lookup each time, or can I store thses somewhere on the server?
Jul 21 '05 #1
1 2025
Hi,

Welcome to MSDN newsgroup.
As for the How to do the authentication and stored the authentication token
within .net remoting application you mentioned, I think it also depends on
how you would configure your remote object. As singleton or SingleCall (I
assume that we will use WellKnown object, Server Activation). If you're
using singleton, since each remote method call will be invoked at the same
object, we can implement our own "One time" authentication mechanism. For
example, implement our own "remoting cookie" , when the first time client
reques the remote object, do the authentication and then return the
authentication ticket back to client(if client is validated). Then, all the
sequential request from that client will contains this ticket. Also, you
can alternatively store the authenticated info on the server ,such as
mantained an authenticated clients's lookup list, and check this list
before each method's invokation.

If you're choosing "SingleCall" , since each remote method call invoked on
different object, store info on server object may not be possbile.

In addition, I think you can even make this authentication operation in a
custom ChannelSink , so that
all the authentication and validation works will be finished in the Sink's
code rather than mixed with out component's code. You can refer to the
following article on such idea:

http://msdn.microsoft.com/library/en...asp?frame=true

If there is anything unclear, please feel free to post here. Thanks,
Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Jul 21 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Christopher Pragash | last post by:
Hello All, Recently I had posted a message to forum requesting assistance to resolve a security issueI was facing in .NET Framework 1.1, the error being "Because of Security Restrictions, the...
0
by: Sean Newton | last post by:
I am absolutely bewildered by now by the Microsoft.Samples SSPI and Security assemblies. I've been trying to set these up in a very straightforward harness in the way that I'd like to be able to...
0
by: Skip | last post by:
Hi, I get the following exception thrown when I try to run my code: "An unhandled exception of type 'System.Runtime.Serialization.SerializationException' occurred in mscorlib.dll Additional...
1
by: Skip | last post by:
Hi, I get the following exception thrown when I try to run my code: "An unhandled exception of type 'System.Runtime.Serialization.SerializationException' occurred in mscorlib.dll Additional...
6
by: Guest | last post by:
Hi, I unerstand that if you choose IIS to host your .Net Remotingcomponents with HTTP channel and SOAP formatter, you get thebuilt-in security and configuraion features of IIS. Also we canexpose it...
9
by: Nak | last post by:
Hi there, I have been messing around with remoting in an attempt to create a "shared application" as mentioned in another thread by that name. I have created a singleton object just like the...
13
by: Ron L | last post by:
I am working on an application that is a front-end for a SQL database. While it is not an immediate requirement, the application will probably be required to be able to connect via the internet at...
2
by: erbilkonuk | last post by:
Hi, I am very new to .NET Remoting and I try to run a simple program to subscribe to an event raised by Remoting Class. The Remoting Server initiates an instance of Remoting Class as Singleton /...
1
by: hocker | last post by:
I have created a client-server application using .NET remoting in C#. The client initiates a call to the server then subscribes to events from the server, using an abstract class which contains the...
0
by: =?Utf-8?B?U3RldmUgRw==?= | last post by:
I have a VB6 ActiveX exe application that uses a .Net DLL that is exposed as a COM DLL. The VB6 application is stored in ParentFolder. The .Net DLL is stored and registered in ChildFolder. I have...
0
by: VivesProcSPL | last post by:
Obviously, one of the original purposes of SQL is to make data query processing easy. The language uses many English-like terms and syntax in an effort to make it easy to learn, particularly for...
0
by: jianzs | last post by:
Introduction Cloud-native applications are conventionally identified as those designed and nurtured on cloud infrastructure. Such applications, rooted in cloud technologies, skillfully benefit from...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.