How to authenticate a calling assembly
From: qdm (qdm0308_at_yahoo.com)
Date: 27 Oct 2003 08:28:57 -0800
Hello security specialists ... can you lend an ear? I would like to
enhance the security of an existing application. Currently, the
client tier of the application makes remoting calls to the business
tier. At the business tier, I want to verify that the remoting call
originated from an assembly that was signed using my company's private
key. The middle tier assembly will be signed in the same way. Has
anyone experience, or just a good idea for doing this? In the client,
I do have the freedom to send what I want in the call context.
Any help or thoughts are deeply appreciated!