Re: website restricted to fixed public IP or to only PC wth predefined configuration

Hi,

well - this may not work for the following reasons:


a) you are extending the trusted subsystem to the user - this is trivial to bypass
b) WMI needs full trust - you obviously won't get that by default - you would have to adjust the security policy on every single client to give your "activex" control full trust.


---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

Hello Dominick ,

I created Windows User Control which is getting MAC ID using WMI.
And I
am using this User control just as ActiveX control do in Internet
explorer.
In other words I am embedding Windows User Controls into Internet
Explorer but i am facing a secuirty problem it's giving following
error
"System.Security.SecurityException: That assembly does not allow
partially
trusted callers.
at
System.Security.CodeAccessSecurityEngine.ThrowSecurityException("
can problem be solved by providing specified permission? If yes what i
have to do for this??

Thanks in advance,
Kausar
"Dominick Baier [DevelopMentor]"
<dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:4580be6319c0d88c85114051dcd10@xxxxxxxxxxxxxxxxxxxxx

You can't.

You should look into certificate based authentication - this would
allow for scenarios where only owners of a valid cert are allowed
access to your application - and you could utilize external hardware
like smart cards.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
Hello All,

I'm working on an ASP.NET application where I need for
only a
few machines (machines accessing the site will have fixed public IP)
to be
able to have access to the website. It should check some hardware
components
of PC to give access to the website. It should also give access to
users
having dynamic IP address, for all such users their Hardware
fingerprint of
predefined desktops and laptops should be checked before giving the
access
to the website.
Can i use and check the remote machine for its MAC
address
and compare it with my database in ASP.NET. As per my knowledge I
can
get
MAC in windows app using WMI.
How can i get it done in ASP.NET?
Thanks in advance,
Kausar


.

Relevant Pages

  • Re: website restricted to fixed public IP or to only PC wth predefined configuration
    ... I am getting MAC ID of client's system ... I don't want to let the people to browse my website from cybercafe. ... I created Windows User Control which is getting MAC ID using WMI. ... few machines ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Outputting text when using code behind?
    ... For the menu I should use one user control, for the latest news box another ... and do you know some example website source code available which I can ... > I'm guessing that the solution solution has to be something like inserting ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Accessing a code behind variable from ASPX
    ... Can you make that public variable a property of the user control, ... > I need to be able to access a public code behind variable within my ASPX ... The table requires a background image. ... > is at the root of the website, ...
    (microsoft.public.dotnet.framework.aspnet)
  • caching in aspnet
    ... I'm trying to do server caching for some pages of a ... All the pages include the same user control to which they pass a parameter. ... When I go to the website through localhost on the server ... the pages from anywhere else the load time is the same ...
    (microsoft.public.dotnet.framework.aspnet)