Is it possible to secure an assembly called by a web app?

Discussion in 'ASP .Net Security' started by Bosco, Sep 21, 2004.

  1. Bosco

    Bosco Guest

    I am writing an assembly in the 1.1 framework that will be called by an
    ASP.NET application and I have a few questions about security.

    First off the assembly to be called by the web app is 'privileged code' as
    it makes numerous calls to both DirectoryServices and possibly in the future
    ADO.

    I am trying to understand how I can use Code Access Security or
    Identity/Principal objects in order to authorize access to the public Classes
    and methods of my privileged dll.

    I cannot strong name the ASP assembly so I couldn't simply place Code Access
    Security on the privileged assembly limiting it to the ASP assembly only.
    And also, if I understand correctly, ASP Principal and Identity objects work
    differently in ASP assemblies than in non-ASP assemblies. i.e. in non-ASP
    assemblies the identity is tied to the thread where as in ASP the identity is
    tied to
    cookies or some other form of session state.

    So how does a privileged dll that is to be called by an ASP web application
    assembly restrict access to it's public classes and methods or implement any
    sort of security policy at all?

    Thanks in advance,
    -------------
    Bosco

    --
    -----------
    Bosco
    Bosco, Sep 21, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. A.M
    Replies:
    5
    Views:
    5,412
    Teemu Keiski
    Jun 8, 2004
  2. Daniel Malcolm
    Replies:
    0
    Views:
    541
    Daniel Malcolm
    Jan 24, 2005
  3. Replies:
    0
    Views:
    650
  4. pkellner
    Replies:
    0
    Views:
    486
    pkellner
    Apr 27, 2007
  5. Maras
    Replies:
    0
    Views:
    109
    Maras
    Jun 17, 2004
Loading...

Share This Page