function call from unmanaged code returns empty string - HELP!!!!

Discussion in 'ASP .Net Security' started by Joe, Feb 17, 2009.

  1. Joe

    Joe Guest

    HI ng,

    I am attempting to call a function in a managed .NET DLL from an asp page
    that signs an xml doc and returns the string to the calling asp page.

    I have this code working in my windows test app with no prob, but cannot
    seem to make the same call from my classic asp page.

    When I view the asp page my object gets created no problem, my function gets
    called, but seems to fail around the point where I create a
    RSACryptoServiceProvider object.

    To me this says it is a permissions issue, but I do not know what permission
    and where.

    thx for help!
    Joe, Feb 17, 2009
    #1
    1. Advertising

  2. Joe

    Joe Kaplan Guest

    It sounds like a probable permissions problem on the private key associated
    with the certificate. By default, only admin and system have permissions to
    read a private key. The ASP app will run under an app pool identity but ASP
    also always impersonates the authenticated user (or the anonymous user if
    anonymous auth is used), so it would need permissions to read the private
    key. The key would also need to be stored in the Machine store and not in
    the local user store.

    If you don't want to give permissions to the private key to the
    authenticated user, you might need to consider putting your COM component
    under COM+ and running it as a fixed identity that is granted the necessary
    permissions.

    Tools like process monitor from MS/SysInternals can help with finding these
    types of permissions issues on files and registry keys.

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    "Joe" <> wrote in message
    news:utUh$...
    > HI ng,
    >
    > I am attempting to call a function in a managed .NET DLL from an asp page
    > that signs an xml doc and returns the string to the calling asp page.
    >
    > I have this code working in my windows test app with no prob, but cannot
    > seem to make the same call from my classic asp page.
    >
    > When I view the asp page my object gets created no problem, my function
    > gets called, but seems to fail around the point where I create a
    > RSACryptoServiceProvider object.
    >
    > To me this says it is a permissions issue, but I do not know what
    > permission and where.
    >
    > thx for help!
    >
    Joe Kaplan, Feb 18, 2009
    #2
    1. Advertising

  3. Joe

    Joe Van Meer Guest

    Thx Joe!

    I appreciate your information, your tip about "The key would also need to be
    stored in the Machine store and not in
    > the local user store." was dead on the issue. Turns out it was installed
    > in localUser's not the localmachine's.


    cheers & thanks mate, joe :)





    "Joe Kaplan" <> wrote in message
    news:...
    > It sounds like a probable permissions problem on the private key
    > associated with the certificate. By default, only admin and system have
    > permissions to read a private key. The ASP app will run under an app pool
    > identity but ASP also always impersonates the authenticated user (or the
    > anonymous user if anonymous auth is used), so it would need permissions to
    > read the private key. The key would also need to be stored in the Machine
    > store and not in the local user store.
    >
    > If you don't want to give permissions to the private key to the
    > authenticated user, you might need to consider putting your COM component
    > under COM+ and running it as a fixed identity that is granted the
    > necessary permissions.
    >
    > Tools like process monitor from MS/SysInternals can help with finding
    > these types of permissions issues on files and registry keys.
    >
    > --
    > Joe Kaplan-MS MVP Directory Services Programming
    > Co-author of "The .NET Developer's Guide to Directory Services
    > Programming"
    > http://www.directoryprogramming.net
    > "Joe" <> wrote in message
    > news:utUh$...
    >> HI ng,
    >>
    >> I am attempting to call a function in a managed .NET DLL from an asp
    >> page that signs an xml doc and returns the string to the calling asp
    >> page.
    >>
    >> I have this code working in my windows test app with no prob, but cannot
    >> seem to make the same call from my classic asp page.
    >>
    >> When I view the asp page my object gets created no problem, my function
    >> gets called, but seems to fail around the point where I create a
    >> RSACryptoServiceProvider object.
    >>
    >> To me this says it is a permissions issue, but I do not know what
    >> permission and where.
    >>
    >> thx for help!
    >>

    >
    Joe Van Meer, Feb 19, 2009
    #3
  4. Joe

    Joe Kaplan Guest

    Glad that was easy. These issues frequently are not. :)

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    "Joe Van Meer" <> wrote in message
    news:...
    > Thx Joe!
    >
    > I appreciate your information, your tip about "The key would also need to
    > be stored in the Machine store and not in
    >> the local user store." was dead on the issue. Turns out it was installed
    >> in localUser's not the localmachine's.

    >
    > cheers & thanks mate, joe :)
    >
    >
    >
    >
    >
    Joe Kaplan, Feb 19, 2009
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Gnanaprakash Rathinam

    How to obtain assembly name in unmanaged call?

    Gnanaprakash Rathinam, Dec 22, 2004, in forum: ASP .Net
    Replies:
    3
    Views:
    533
    David Levine
    Dec 23, 2004
  2. Hanif
    Replies:
    6
    Views:
    17,745
    Paul Lutus
    Oct 17, 2003
  3. GAH
    Replies:
    0
    Views:
    494
  4. Ted

    ASP.NET App with Unmanaged Code - HELP!

    Ted, Dec 10, 2004, in forum: ASP .Net Security
    Replies:
    1
    Views:
    139
    Kaustav
    Dec 15, 2004
  5. Simon Strandgaard

    [bug] String#split returns extra empty string

    Simon Strandgaard, May 31, 2004, in forum: Ruby
    Replies:
    8
    Views:
    336
    David A. Black
    Jun 1, 2004
Loading...

Share This Page