RE: Is WindowsPrincipal is Remotable ?

From: Klaus Holster (msdn_ng_at_klausholsterpunktde)
Date: 09/17/05

  • Next message: Valery Pryamikov: "Re: Importance of salt" 
    Date: Sat, 17 Sep 2005 03:15:02 -0700

    Hello Karthik,

    adding to Dominik's post, here's a link talking about securing a Remoting
    application with .NET 1.1:

    http://channel9.msdn.com/wiki/default.aspx/Channel9.RemotingSecurityGuidelines

    .NET 2.0 adds a number of security related features to Remoting:

    http://msdn.microsoft.com/msdntv/transcripts/20050120NETMTTranscript.aspx

    Hth,

    Klaus

    "Karthik" schrieb:

    > This is regarding passing WindowsPrincipal from my client to the server; I’m
    > developing a Windows based application in c#.
    >
    > When ever I try to pass WindowsPrincipal object from the client to server it
    > says “Exception ha been throw at target invocation…”
    >
    > I’m using call context (that class is inherited by ILogicalThreadAffinative)
    > to pass the object, but still I’m getting the same error at runtime. I’m
    > using Server activated Remoting.
    >
    > Now I’m having a list of quires so can any one please look into them?
    >
    > Questions
    >
    > 1. How to pass WindowsPrincipal across layers?
    >
    > 2. Presently my server is hosted on console application(the listener) if I
    > change this as Windows service does my security logic (passing windows
    > principal object and validating into the BL ) or any other code needs to be
    > changed or it won’t be a problem
    >
    > 3. Instead of using WindowsPrincipal If I use GenericIdentity with
    > GenericPrincipal I’m able to pass across layer so, can I use this method for
    > my security check. I’m creating the GenericIdentity by getting the
    > WindowsIdentity’s Name as argument to GenericIdentity.
    >
    > Even if it is Ok I wanted to know why I’m not able to pass WindowsPrincipal
    > object to my BL.
    >
    > 4. What is the behavior of my Server Class if I decorate it with
    > [Serializable] as well as inherited by MarshalByRefObject.?
    >
    > 5. Is there any correlation between [Serializable], MarshalByRefObject
    > and Client Activated, Server Activated type of Remoting?
    >
    >

  • Next message: Valery Pryamikov: "Re: Importance of salt"

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #164
      ... Got Storage Security Risks? ... MICROSOFT VULNERABILITY SUMMARY ... Chat Client FTP Server Default Username Credential Weak... ... NetServe Web Server is a compact web server for Microsoft Windows ...
      (Focus-Microsoft)
    • Re: im being held in memory
      ... How can I harden my computer or server to secure it from hackers? ... Use firewall software and hardware and antivirus software that is ... Follow the instructions for hardening Windows and IIS at ... Install all service packs and security fixes from Microsoft and otherwise ...
      (microsoft.public.security)
    • MS and security: good effort but no cigar
      ... build upon the progress it's already made in security. ... The low-hanging fruit of millions of insecure Windows machines ... Then there's the issue of poorly secured server applications. ... and execute external virus and filtering ...
      (microsoft.public.windowsxp.general)
    • SecurityFocus Microsoft Newsletter #167
      ... MICROSOFT VULNERABILITY SUMMARY ... Multiple Vendor XML Parser SOAP Server Denial Of Service Vul... ... Proactive Windows Security Explorer ...
      (Focus-Microsoft)
    • Re: Group Policy broke my DCs
      ... > need to be very careful with tweaking services on domain controllers. ... > Group Policy - security policy at the OU level which makes it much easier ... > is complied from the Windows 2003 Server Security guide for baseline core ...
      (microsoft.public.windows.group_policy)