Passing Security Context to remote objects

Discussion in 'ASP .Net Security' started by STom, Aug 30, 2003.

  1. STom

    STom Guest

    I have an asp.net app that is using .Net remoting (tcp/binary).

    I am using Integrated Windows Authentication and will be authenticating
    against active directory.

    I will then need to use the ADSI DirectoryEntry and/or DirectorySearch to
    get the groups the user is in.

    Is there a way to pass the users security context that I get back from AD
    over to the remoting server so that I can do the searching from there?

    Thanks.

    STom
     
    STom, Aug 30, 2003
    #1
    1. Advertising

  2. STom

    Hernan Ochoa Guest

    Hi!,

    How exactly is your app performing authentication using win auth?
    are you using SSPI and a custom channel? if you're authenticating the user
    at the client, you should do it at the server instead.
    you should use SSPI and authentication will be done at the remoting server,
    and then you'll have the context there.

    if you think I'm missing sthg, let me know.
    bye

    "STom" <> wrote in message
    news:...
    > I have an asp.net app that is using .Net remoting (tcp/binary).
    >
    > I am using Integrated Windows Authentication and will be authenticating
    > against active directory.
    >
    > I will then need to use the ADSI DirectoryEntry and/or DirectorySearch to
    > get the groups the user is in.
    >
    > Is there a way to pass the users security context that I get back from AD
    > over to the remoting server so that I can do the searching from there?
    >
    > Thanks.
    >
    > STom
    >
    >
     
    Hernan Ochoa, Sep 3, 2003
    #2
    1. Advertising

  3. STom

    STom Guest

    The authentication is being performed automatically by using Integrated
    Windows Security, therefore there is no reason to do this on the server
    side.

    We have figured out that we do not need to pass the security context to the
    server to do what we need to do, but thanks for your answer anyway.

    lw
    "Hernan Ochoa" <> wrote in message
    news:%233pY$...
    > Hi!,
    >
    > How exactly is your app performing authentication using win auth?
    > are you using SSPI and a custom channel? if you're authenticating the user
    > at the client, you should do it at the server instead.
    > you should use SSPI and authentication will be done at the remoting

    server,
    > and then you'll have the context there.
    >
    > if you think I'm missing sthg, let me know.
    > bye
    >
    > "STom" <> wrote in message
    > news:...
    > > I have an asp.net app that is using .Net remoting (tcp/binary).
    > >
    > > I am using Integrated Windows Authentication and will be authenticating
    > > against active directory.
    > >
    > > I will then need to use the ADSI DirectoryEntry and/or DirectorySearch

    to
    > > get the groups the user is in.
    > >
    > > Is there a way to pass the users security context that I get back from

    AD
    > > over to the remoting server so that I can do the searching from there?
    > >
    > > Thanks.
    > >
    > > STom
    > >
    > >

    >
    >
     
    STom, Sep 5, 2003
    #3
  4. STom

    Hernan Ochoa Guest

    oh, ok, so your remoting client was a webapp? sorry, I should've guessed it
    :)
    mm, who does the search? the remoting server? mm, well, I don't actually
    understand exactly what you're
    doing, but if your remoting server is not requiring any kind of
    authentication/authz, I'd shtg about that.

    bye!


    "STom" <> wrote in message
    news:%...
    > The authentication is being performed automatically by using Integrated
    > Windows Security, therefore there is no reason to do this on the server
    > side.
    >
    > We have figured out that we do not need to pass the security context to

    the
    > server to do what we need to do, but thanks for your answer anyway.
    >
    > lw
    > "Hernan Ochoa" <> wrote in message
    > news:%233pY$...
    > > Hi!,
    > >
    > > How exactly is your app performing authentication using win auth?
    > > are you using SSPI and a custom channel? if you're authenticating the

    user
    > > at the client, you should do it at the server instead.
    > > you should use SSPI and authentication will be done at the remoting

    > server,
    > > and then you'll have the context there.
    > >
    > > if you think I'm missing sthg, let me know.
    > > bye
    > >
    > > "STom" <> wrote in message
    > > news:...
    > > > I have an asp.net app that is using .Net remoting (tcp/binary).
    > > >
    > > > I am using Integrated Windows Authentication and will be

    authenticating
    > > > against active directory.
    > > >
    > > > I will then need to use the ADSI DirectoryEntry and/or DirectorySearch

    > to
    > > > get the groups the user is in.
    > > >
    > > > Is there a way to pass the users security context that I get back from

    > AD
    > > > over to the remoting server so that I can do the searching from there?
    > > >
    > > > Thanks.
    > > >
    > > > STom
    > > >
    > > >

    > >
    > >

    >
    >
     
    Hernan Ochoa, Sep 5, 2003
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. VS_NET_DEV
    Replies:
    2
    Views:
    3,839
    jenny
    May 25, 2004
  2. =?Utf-8?B?U3VuU21pbGU=?=
    Replies:
    0
    Views:
    724
    =?Utf-8?B?U3VuU21pbGU=?=
    Jan 10, 2006
  3. Flip Rayner
    Replies:
    1
    Views:
    739
    bruce barker
    Jan 23, 2007
  4. asd
    Replies:
    1
    Views:
    455
    www.pulpjava.com
    Nov 9, 2006
  5. Jeff Wood
    Replies:
    7
    Views:
    223
    Jeff Wood
    Oct 18, 2005
Loading...

Share This Page