Re: .NET 2.0 Remoting Bug?

would you mind filing this bug here:

they usually get back quite timely.

Dominick Baier - DevelopMentor

Nope, I'm still getting a GenericPrincipal. Turning impersonation on
in the server as well gives a WindowsPrincipal.

Here is someone who encountered exactly the same problem:
/ng-110029_IsInRole_always_return_fasle_on_secure_remoting_ca_.aspx .

Apparently the tip he got was to authenticate against
ActiveDirectory himself. Creating a new WindowsPrincipal is infinitely
simpler, not to mention also works if there's no ActiveDirectory.

It still seems like a Microsoft bug, though.

"Dominick Baier [DevelopMentor]" wrote:

looks ok...

what happens if you change the token impersonation level on the
client (without changing the impersonate setting on the server)

Dominick Baier - DevelopMentor
Well, on the server I use the following configuration:

<?xml version="1.0" encoding="utf-8" ?>
<channel ref="tcp" secure="true" impersonate="false"
name="ShadowChannel" port="8122">
<formatter ref="binary"/>
<wellknown mode="SingleCall"
and I simply call RemoteConfiguration.Configure. In every method of
the CommandInput object I get a GenericPrincipal in
The client doesn't use a config file, its initialization code looks
like this:

public class ShadowInputProvider
private static TcpClientChannel s_Channel;
static ShadowInputProvider()
IDictionary props = new Hashtable();
props["secure"] = true;
props["connectionTimeout"] = 1000;
props["tokenImpersonationLevel"] =
s_Channel = new TcpClientChannel(props, null);
ChannelServices.RegisterChannel(s_Channel, true);
public static IShadowProvider GetProvider()
IShadowProvider provider = (IShadowProvider)
return provider;
Configuration.ShadowServer.URL is a string containing the actual URL
(it's the correct URL...). IShadowProvider is the interface
implemented by the CommandInput class in the server.
"Dominick Baier [DevelopMentor]" wrote:
can you show me your config and remoting security relevant code...

i never saw this before....


Relevant Pages

  • Re: How to determine if the logged on user is in a group
    ... Dominick Baier - DevelopMentor ... I found that you to reboot the SERVER after you create a new group and put users in it so that the new group and the users appear in the whoami list on the server. ... although he is a member of these groups. ...
  • Re: Web App Security and MSIE Settings
    ... Dominick Baier - DevelopMentor ... The "Intranet users" group have read access to the virtual directory. ... server: ...
  • Re: Issues With User Control Embedded Into Web Page Since Installing .NET 2.0
    ... Dominick Baier - DevelopMentor ... I deployed the same test project to another 2003 server in the same ... - The issues stated above are reproducable from any client, ...
  • Re: CryptoAPI, System.Security.Cryptography Interoperability
    ... > there is a newsgroup dedicated to cryptograhphy on that server - name ... > Dominick Baier - DevelopMentor ... >> I guess I'm astounded that using .NET on a server and the CryptoAPI ...
  • Re: Web App Security and MSIE Settings
    ... Dominick Baier - DevelopMentor ... In an AD mixed mode environment, MSIE clients running on WinXP have ... problems accessing ASP .NET applications hosted in a Win 2003 server ...