473,322 Members | 1,510 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,322 software developers and data experts.

Remoting, IIS, Binary Formatter

I am working on a VB.NET application that uses remoting hosted inside on IIS.
I chose the binary formatter for this application because the only clients
that will be connecting to it are .NET based, as well as the fact that is
fast. My SQL database holds a table of users, passwords, and roles. With an
ASP.net application I can easily do a User.IsInRole("somerole") because of
forms authentication and keeping the roles info in an encrypted cookie. What
would be the best way for doing the same type of thing when hosting a remoted
object in IIS? Would I pass some encrypted credentials each time back to the
server, do a lookup each time, or can I store thses somewhere on the server?
Jul 21 '05 #1
1 2030
Hi,

Welcome to MSDN newsgroup.
As for the How to do the authentication and stored the authentication token
within .net remoting application you mentioned, I think it also depends on
how you would configure your remote object. As singleton or SingleCall (I
assume that we will use WellKnown object, Server Activation). If you're
using singleton, since each remote method call will be invoked at the same
object, we can implement our own "One time" authentication mechanism. For
example, implement our own "remoting cookie" , when the first time client
reques the remote object, do the authentication and then return the
authentication ticket back to client(if client is validated). Then, all the
sequential request from that client will contains this ticket. Also, you
can alternatively store the authenticated info on the server ,such as
mantained an authenticated clients's lookup list, and check this list
before each method's invokation.

If you're choosing "SingleCall" , since each remote method call invoked on
different object, store info on server object may not be possbile.

In addition, I think you can even make this authentication operation in a
custom ChannelSink , so that
all the authentication and validation works will be finished in the Sink's
code rather than mixed with out component's code. You can refer to the
following article on such idea:

http://msdn.microsoft.com/library/en...asp?frame=true

If there is anything unclear, please feel free to post here. Thanks,
Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Jul 21 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Christopher Pragash | last post by:
Hello All, Recently I had posted a message to forum requesting assistance to resolve a security issueI was facing in .NET Framework 1.1, the error being "Because of Security Restrictions, the...
0
by: Sean Newton | last post by:
I am absolutely bewildered by now by the Microsoft.Samples SSPI and Security assemblies. I've been trying to set these up in a very straightforward harness in the way that I'd like to be able to...
0
by: Skip | last post by:
Hi, I get the following exception thrown when I try to run my code: "An unhandled exception of type 'System.Runtime.Serialization.SerializationException' occurred in mscorlib.dll Additional...
1
by: Skip | last post by:
Hi, I get the following exception thrown when I try to run my code: "An unhandled exception of type 'System.Runtime.Serialization.SerializationException' occurred in mscorlib.dll Additional...
6
by: Guest | last post by:
Hi, I unerstand that if you choose IIS to host your .Net Remotingcomponents with HTTP channel and SOAP formatter, you get thebuilt-in security and configuraion features of IIS. Also we canexpose it...
9
by: Nak | last post by:
Hi there, I have been messing around with remoting in an attempt to create a "shared application" as mentioned in another thread by that name. I have created a singleton object just like the...
13
by: Ron L | last post by:
I am working on an application that is a front-end for a SQL database. While it is not an immediate requirement, the application will probably be required to be able to connect via the internet at...
2
by: erbilkonuk | last post by:
Hi, I am very new to .NET Remoting and I try to run a simple program to subscribe to an event raised by Remoting Class. The Remoting Server initiates an instance of Remoting Class as Singleton /...
1
by: hocker | last post by:
I have created a client-server application using .NET remoting in C#. The client initiates a call to the server then subscribes to events from the server, using an abstract class which contains the...
0
by: =?Utf-8?B?U3RldmUgRw==?= | last post by:
I have a VB6 ActiveX exe application that uses a .Net DLL that is exposed as a COM DLL. The VB6 application is stored in ParentFolder. The .Net DLL is stored and registered in ChildFolder. I have...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.