Passing Security Context to remote objects

[STom]

I have an asp.net app that is using .Net remoting (tcp/binary).

I am using Integrated Windows Authentication and will be authenticating
against active directory.

I will then need to use the ADSI DirectoryEntry and/or DirectorySearch to
get the groups the user is in.

Is there a way to pass the users security context that I get back from AD
over to the remoting server so that I can do the searching from there?

Thanks.

STom

 

[Hernan Ochoa]

Hi!,

How exactly is your app performing authentication using win auth?
are you using SSPI and a custom channel? if you're authenticating the user
at the client, you should do it at the server instead.
you should use SSPI and authentication will be done at the remoting server,
and then you'll have the context there.

if you think I'm missing sthg, let me know.
bye

 

[STom]

The authentication is being performed automatically by using Integrated
Windows Security, therefore there is no reason to do this on the server
side.

We have figured out that we do not need to pass the security context to the
server to do what we need to do, but thanks for your answer anyway.

lw

 

[Hernan Ochoa]

oh, ok, so your remoting client was a webapp? sorry, I should've guessed it

mm, who does the search? the remoting server? mm, well, I don't actually
understand exactly what you're
doing, but if your remoting server is not requiring any kind of
authentication/authz, I'd shtg about that.

bye!