Re: WindowsIdentity.GetCurrent().Token cannot be used when remoting?



oh, you're right, you answered the original question... I probably missed
it... people answered just about anything on this thread and I became a bit
uninterested, so I searched a bit more on my side before coming back with new
elements.

thanks for the link, I'll have a look... ;)

ThunderMusic

"Dominick Baier" <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:4580be63400a8c873dc4b24e9f7@xxxxxxxxxxxxxxxxxxxxx
i think i have replied like 1 week ago to your original question...

this is easily possible in 2.0 - remoting supports integrated auth and if
you wanna go down to socket level - NegotiateStream is the class that does
the heavy lifting there.

you don't have to "invent" your own security system.

here is a sample:
http://www.leastprivilege.com/content/binary/SecureRemoting.zip


I'm on framework 2.0... Actually, all I want to do is "Integrated
Windows Security". The user is authenticated on the client machine, so
there must be something I can do to make the server know which user is
authenticated and get its information from the domain server (like
groups, et al.) I thought Token was the way to go, but without
success... By using the User SID, would there be a way for my server
app (not on the domain server, but still in the same domain) to know
which groups this user is in? I don't even have to know which user it
is (if I can know, fine, I can log it, but otherwise it's not that
important), I just need its groups...

Thanks

ThunderMusic

"Dominick Baier" <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in message news:4580be633f358c8739a97f61020@xxxxxxxxxxxxxxxxxxxxx

regardless of the version - you cannot transfer tokens across the
network - they only have a meaning in the machine where they were
created.

In addition this would mean that you extend the trusted subsystem to
the client, which defeats the purpose of network authentication.

Hi,
I want to be able to retrieve user information on the server of my
remoting app... What I did is the following: I called
System.Security.WindowsIdentity.GetCurrent().Token and sent it to the
server (via remoting). When I try to recreate the WindowsIdentity using
the Token server-side, it tells me the Token is invalid even if the
server app is on the same computer (same windows, same all) as the
client app.
Is there a way I can do what I need to do? I mean, be able to retrieve
the user infos (groups) using something I can send through network?
(ideally encrypted)
I've also seen in the same object, the property .User (that contains
the User SID on the NT Network). Is there something to do with this
value so I can retrieve the user it belongs to and get the groups
(or roles) it's in?

thanks

ThunderMusic
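
The socket-level approach mentioned in the thread (NegotiateStream), as an added example that is not part of the original posts or of the linked SecureRemoting.zip sample: the client never sends a token, and the server builds the caller's WindowsIdentity locally from the authentication exchange, then reads the groups from it. The port number, the class name and the command-line arguments (server host and service principal name) are assumptions for illustration.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Principal;

static class IntegratedAuthDemo
{
    const int Port = 9000; // assumed port, not from the thread

    // Server: authenticate the caller on the connection itself.
    static void RunServer()
    {
        TcpListener listener = new TcpListener(IPAddress.Any, Port);
        listener.Start();
        using (TcpClient client = listener.AcceptTcpClient())
        using (NegotiateStream auth = new NegotiateStream(client.GetStream(), false))
        {
            // Throws if the Negotiate (Kerberos/NTLM) exchange fails.
            auth.AuthenticateAsServer(CredentialCache.DefaultNetworkCredentials,
                ProtectionLevel.EncryptAndSign, TokenImpersonationLevel.Identification);

            // The identity is created on this machine, so its token is valid here.
            WindowsIdentity caller = auth.RemoteIdentity as WindowsIdentity;
            if (caller == null || !caller.IsAuthenticated || caller.IsAnonymous)
                throw new UnauthorizedAccessException("caller not authenticated");

            Console.WriteLine("Caller: {0}", caller.Name);
            foreach (IdentityReference sid in caller.Groups)
            {
                // Fall back to the raw SID when the name cannot be resolved.
                try { Console.WriteLine("  {0}", sid.Translate(typeof(NTAccount))); }
                catch (IdentityNotMappedException) { Console.WriteLine("  {0}", sid.Value); }
            }
        }
        listener.Stop();
    }

    // Client: log on with the current Windows user; identification only,
    // so the server can query the identity but cannot act as the user.
    static void RunClient(string host, string spn)
    {
        using (TcpClient tcp = new TcpClient(host, Port))
        using (NegotiateStream auth = new NegotiateStream(tcp.GetStream(), false))
        {
            auth.AuthenticateAsClient(CredentialCache.DefaultNetworkCredentials, spn,
                ProtectionLevel.EncryptAndSign, TokenImpersonationLevel.Identification);
        }
    }

    static void Main(string[] args)
    {
        if (args.Length < 2) RunServer(); else RunClient(args[0], args[1]);
    }
}
```

Run it with no arguments on the server and with the server host name and its SPN on the client; application data written to the NegotiateStream after authentication is signed and encrypted.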




