Online activation -- how to?

"zz" <zzz> wrote in message news:%2***************@TK2MSFTNGP15.phx.gbl...

Hello everyone,

We have an hybrid plain C++/COM/VB.NET commercial application in which
we've included a mandatory activation mechanism. This activation system is
programed in the VB.NET part and basically uses the System.net.WebRequest
object to do it's job.

Works well for the most part but we have serveral client for who it
doesn't work. Many of them have been firewall issues, both personnal and
corporate ones. We know we won't ever be able to make a system that has
100% connectivity, but are there any ways to improve our system?

Getting past Norton, McAfee and similar firewalls who "by default" block
communications from programs... As well as corporate firewalls who usually
use a proxy, etc....

Comments / ideas welcomed.

Thanks you,

Alex.

Hi Alex,

First off, the best way around the firewalls is to post on port 80. Most
firewalls don't block the traffic on port 80.

That said, Windows Activation has the same problem. That is why a certain
percentage of Windows users will telephone Microsoft in order to activate
their product. It's a fact of life.

You may want to consider using e-mail as a backup. Your app sends an e-mail
to your company with a seed and you send back a key. The user has to cut
and paste the key from the e-mail reply into a dialog on your app. Most
users don't mind this one. Altova uses it to great effect for XMLSpy.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--

Nick Malik [Microsoft] wrote:

"zz" <zzz> wrote in message news:%2***************@TK2MSFTNGP15.phx.gbl...

We have an hybrid plain C++/COM/VB.NET commercial application in which
we've included a mandatory activation mechanism. This activation system is
programed in the VB.NET part and basically uses the System.net.WebRequest
object to do it's job.

First off, the best way around the firewalls is to post on port 80. Most
firewalls don't block the traffic on port 80.

Well, he says he's using Web Request.

Does that mean you're using a Web service?

If not, the web service would be the right choice here, since as long as
they can run a browser on the workstation, your app can call a web
method and deliver whatever key or code is needed.

In fact, you could make a registered access to the web service the
'activation' in the sense the the app wouldn't run unless they could,
say, make a simple call to the web service/method.

"John Bailo" <ja*****@texeme.com> wrote in message
news:43**************@texeme.com...

Nick Malik [Microsoft] wrote:

"zz" <zzz> wrote in message
news:%2***************@TK2MSFTNGP15.phx.gbl...

We have an hybrid plain C++/COM/VB.NET commercial application in which
we've included a mandatory activation mechanism. This activation system
is programed in the VB.NET part and basically uses the
System.net.WebRequest object to do it's job.

First off, the best way around the firewalls is to post on port 80. Most
firewalls don't block the traffic on port 80.

Well, he says he's using Web Request.

Does that mean you're using a Web service?

If not, the web service would be the right choice here, since as long as
they can run a browser on the workstation, your app can call a web method
and deliver whatever key or code is needed.

In fact, you could make a registered access to the web service the
'activation' in the sense the the app wouldn't run unless they could, say,
make a simple call to the web service/method.

Web service? Forgive my dinosaurian knowledge but that term is a bit hip for
my skills :) I figure that by using the HttpWebRequest object, from dotnet,
I'm using port 80 to do my job and theorically mimicing the browser. But
then again, Norton, Zonealarm and other personnal firewalls will ask the
question "Do you want XXX to access the internet" or silently block me.
We're simply opening a web page using params and using the feedback to
determin wether or not the registration was accepted.

That, and poeple using a proxy configured in Internet Explorer see the
communication fail from the feedback I've had, which would mean the
WebRequest object is not using IE's proxy setup.

I know we'll never be able to have a solution that works 100%, but we're
trying to reduce the number of cases where we need to do a manual
activation. The email idea proposed by Nick is one we though about and we
ultimatly might end up with something like that. Sounds like it would be one
of the most effective way to do this. Our main concern is to not have
someone get their code and give it to all his friends, so we'll need to have
a code that's tied to the user's machine or something to that effect.