securing a web service
From: Sparky (mark.smith_at_nospam.farmade.com)
Date: 05/12/03
- Next message: Ivan Medvedev [MS]: "Re: Help : XML Signature with private key in smart card"
- Previous message: Michelle: "intranet permissions"
- Next in thread: Ivan Medvedev [MS]: "Re: securing a web service"
- Reply: Ivan Medvedev [MS]: "Re: securing a web service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 12 May 2003 14:54:07 -0700
I am trying to make my web service only call-able from my
winforms program. The winforms program is strong-named - I
have extracted the public key by running:
sn.exe -Tp myappsdll.dll
I have taken the public key and amended by webservice as
follows:
<WebMethod(), _
StrongNameIdentityPermissionAttribute
(SecurityAction.Demand, _
PublicKey:="my public key pasted into here")> _
Public Sub MySub
'code
End Sub
When I access the webservice from my app, I get:
System.Security.SecurityException: Request for the
permission of type
System.Security.Permissions.StrongNameIdentityPermission,
mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=<I
have removed this>
failed.
Can I use StrongNameIdentityPermissionAttribute with
WebServices?
The call stack is:
"System.Web.Services.Protocols.SoapException:
System.Web.Services.Protocols.SoapException: Server was
unable to process
request. ---> System.Security.SecurityException: Request
for the permission
of type
System.Security.Permissions.StrongNameIdentityPermission,
mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=<i
have removed this>
failed.
at
System.Security.CodeAccessSecurityEngine.CheckTokenBasedSet
Helper(Boolean
ignoreGrants, TokenBasedSet grants, TokenBasedSet denied,
TokenBasedSet
demands)
at
System.Security.CodeAccessSecurityEngine.CheckSetHelper
(PermissionSet
grants, PermissionSet denied, PermissionSet demands)
at LEAF_Online.LEAFAuth.GetLatestProgramVersion(Double&
dVersion, String&
sFile) in D:\Vb_Progs.net\LEAF\LEAF-
Online\LEAFAuth.asmx.vb:line 130
The state of the failed permission was:
<IPermission
class="System.Security.Permissions.StrongNameIdentityPermis
sion, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=<i
have removed this>"
version="1"
PublicKeyBlob="I have removed this"/>
--- End of inner exception stack trace ---
at
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadRe
sponse(SoapClient
Message message, WebResponse response, Stream
responseStream, Boolean
asyncCall)
at
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke
(String
methodName, Object[] parameters)
at
LEAF.CommonDB.localhost.LEAFAuth.GetLatestProgramVersion
(Double&
dVersion, String& sFile) in
D:\Vb_Progs.net\LEAF\LFNetCommonDB\Web
References\localhost\Reference.vb:line 148
at
LEAF.CommonDB.zcDBQuestion.GetLatestProgramVersionNumber
(Double&
dVersion, String& sFile) in
D:\Vb_Progs.net\LEAF\LFNetCommonDB\zcDBQuestion.vb:line
118"
Help!
- Next message: Ivan Medvedev [MS]: "Re: Help : XML Signature with private key in smart card"
- Previous message: Michelle: "intranet permissions"
- Next in thread: Ivan Medvedev [MS]: "Re: securing a web service"
- Reply: Ivan Medvedev [MS]: "Re: securing a web service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
