Re: How to get the WindowsIdentity of the caller of my excutable?
From: Alek Davis (alek_xDOTx_davis_xATx_intel_xDOTx_com)
Date: 06/24/04
- Previous message: Rob Teixeira [MVP]: "Re: permission to asp.net account on a network folder"
- In reply to: Cindy Liu: "Re: How to get the WindowsIdentity of the caller of my excutable?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Jun 2004 17:21:53 -0700
Please read my first reply. It mentions the three most obvious options I can
suggest.
Alek
"Cindy Liu" <CindyLiu@discussions.microsoft.com> wrote in message
news:2C8AFDDD-B902-4F6E-91A1-C0ADA9D023F9@microsoft.com...
> I know it is not a good approach. Since my remoting object has to be
hosted by Windows service, as you said that CLR does not support any
security aspects in .NET
> remoting objects running inside of Windows services, so the only way is to
pass in the identity. Do you have any other way?
>
> Thanks,
> Cindy
>
> "Alek Davis" wrote:
>
> > This is a very bad approach. If the user identity is passed as a method
> > parameter, what will prevent a malicious application to call this method
> > specifying any user it wants? If you need to know caller's identity for
> > security reasons, you should not do this. Regarding how to detect
caller's
> > identity from a COM+ object, it depends how you implemented the com
object.
> > If it is a C/C++ application, you get the caller's identity from the
thread
> > context (or HTTP context). I am not sure about C#, but there must be
lots of
> > examples how to do this. Sorry, I haven't worked with COM+ for years, so
I
> > do not have an example at hand, but really this should not be difficult
to
> > find.
> >
> > Alek
> >
> > "Cindy Liu" <CindyLiu@discussions.microsoft.com> wrote in message
> > news:8298CBE8-D8EB-4A05-A584-4E8A88655DBC@microsoft.com...
> > > If COM+ can do it easily, can you tell me how?
> > >
> > > Since there is no way to get the identity of the caller from .Net
remoting
> > object hosted by Windows service, so I decide to pass the identity of
the
> > caller with the methods of my remoting object. The caller of my remoting
> > object is COM+ dll and its callers are asp pages. So now I want to get
the
> > identity of caller from COM+.
> > >
> > > Thanks for your help!!!
> > > Cindy
> > >
> > > "Alek Davis" wrote:
> > >
> > > > I am confused: which module do you want to detect the identity of
the
> > > > caller: COM+ DLL or remoting object hosted in a Windows service.
COM+
> > must
> > > > be able to do it easily, but not the remoting object.
> > > >
> > > > Alek
> > > >
> > > > "Cindy Liu" <CindyLiu@discussions.microsoft.com> wrote in message
> > > > news:F1F901AA-883F-4AF7-BEFE-A425BDB6A20E@microsoft.com...
> > > > > Yes, my Windows service hosts a .Net remoting object, and I have a
> > COM+
> > > > dll talking to it from different computer, and a web server on the
same
> > box
> > > > calling COM+ methods. Now I want to pass WondowsIdentity token from
COM+
> > dll
> > > > to my Windows service. Can COM+ dll determine who is the caller, or
my
> > web
> > > > server has to get the token and pass to COM+ dll?
> > > > >
> > > > > "Alek Davis" wrote:
> > > > >
> > > > > > Cindy,
> > > > > >
> > > > > > I assume that your Windows service encapsulates a .NET remoting
> > object;
> > > > > > otherwise, your question does not make much sense: a regular
Windows
> > > > service
> > > > > > just runs on its own with the identity defined in the Service
> > Control
> > > > > > Manager (which is trivial to obtain). If my assumption is
correct,
> > you
> > > > are
> > > > > > out of luck, because CLR does not support any security aspects
in
> > ..NET
> > > > > > remoting objects running inside of Windows services. You options
> > would
> > > > be
> > > > > > to: (a) host your .NET remoting object in an ASP.NET application
> > instead
> > > > of
> > > > > > Windows service; (b) use SSPI (I cannot comment on this, but
there
> > are
> > > > some
> > > > > > references on the Web); or (c) use a commercial product like
> > > > GenuineChannels
> > > > > > (see http://www.genuinechannels.com/).
> > > > > >
> > > > > > Alek
> > > > > >
> > > > > > "Cindy Liu" <CindyLiu@discussions.microsoft.com> wrote in
message
> > > > > > news:EE740459-E1C4-4AAE-8E5E-A6DB5C72FE27@microsoft.com...
> > > > > > > Hi Everyone,
> > > > > > >
> > > > > > > I created my Windows service. I want to get the
WindowsIdentity of
> > the
> > > > > > caller that calls my method in my Windows service. How do I do
that?
> > > > > > >
> > > > > > > Thanks in advance!!!
> > > > > > > Cindy
> > > > > >
> > > > > >
> > > > > >
> > > >
> > > >
> > > >
> >
> >
> >
- Previous message: Rob Teixeira [MVP]: "Re: permission to asp.net account on a network folder"
- In reply to: Cindy Liu: "Re: How to get the WindowsIdentity of the caller of my excutable?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
