Hi,
I have been trying to perform authorization when an object is called remotely.
To demonstrate, I've created a simple console app called RemoteHost and a simple console app called RemoteClient (i.e. I'm not using IIS to house the remote host). They use a secure TCP connection, so authentication is taken care of by Kerberos (correct me if I'm wrong!).
So far so good. The problem comes when I try to authorize the remote caller to perform an action. I get 'Security Exception: Request for principal permission failed'.
Snippet from RemoteClient:
Code:
    using System;
    using System.Collections;
    using System.Runtime.Remoting.Channels;
    using System.Runtime.Remoting.Channels.Tcp;

    static void Main(string[] args)
    {
        AppDomain.CurrentDomain.SetPrincipalPolicy(System.Security.Principal.PrincipalPolicy.WindowsPrincipal);

        // Channel properties: secure channel, caller's token may be impersonated by the server.
        IDictionary properties = new Hashtable();
        properties.Add("secure", true);
        properties.Add("connectionTimeout", int.MaxValue);
        properties.Add("tokenImpersonationLevel", "Impersonation");

        TcpClientChannel chan = new TcpClientChannel(properties, null);
        ChannelServices.RegisterChannel(chan, true);

        // Obtain a proxy for the remote endpoint.
        IRemoteHost remoteObj1 = (IRemoteHost)Activator.GetObject(
            typeof(IRemoteHost), "tcp://MyPc:8100/EndPoint1");

        if (remoteObj1 == null)
        {
            Console.WriteLine("Could not locate server");
            return;
        }
        else
        {
            remoteObj1.DoSomething();
        }
    }
Snippet from RemoteHost:
Code:
    using System;
    using System.Security.Permissions;

    static void Main()
    {
        AppDomain.CurrentDomain.SetPrincipalPolicy(System.Security.Principal.PrincipalPolicy.WindowsPrincipal);

        // Listen on port 8100 with the secure flag set.
        RemoteHost.RemoteCommandListener listener = new RemoteHost.RemoteCommandListener(8100, true);
        RemoteHost.RemoteCommandListener.CommandReceived += new EventHandler(RemoteCommandListener_CommandReceived);
        listener.StartListen("EndPoint1");
        Console.ReadLine();
    }

    // Declarative demand: Thread.CurrentPrincipal must be authenticated and
    // in this role when the handler runs, otherwise a SecurityException is thrown.
    [PrincipalPermission(SecurityAction.Demand, Role = "RoleOnMyDomain")]
    static void RemoteCommandListener_CommandReceived(object sender, EventArgs e)
    {
        Console.WriteLine("Received a command!");
    }
The remote command listener implements IRemoteObject and simply raises the static event CommandReceived when it receives the call to DoSomething().
I'd be grateful for any advice on where I'm going wrong! If you need any more information, please let me know.
All code is .NET 2.0
Thanks,
Graeme
"Just because you're paranoid, don't mean they're not after you"
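
A diagnostic for the handler in the post above, as an added example that is not part of the original post: it prints the principal that a PrincipalPermission demand evaluates on the current thread (Thread.CurrentPrincipal) and then makes the same demand imperatively, so the failing condition is visible. PrincipalDiagnostics, CheckRole and the MYDOMAIN\RoleOnMyDomain role string are hypothetical names chosen for illustration.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

static class PrincipalDiagnostics
{
    // Hypothetical helper: shows what a role demand sees on this thread,
    // then performs the demand and reports the outcome.
    public static bool CheckRole(string role)
    {
        IPrincipal principal = Thread.CurrentPrincipal;
        IIdentity identity = principal == null ? null : principal.Identity;

        Console.WriteLine("Principal type  : {0}",
            principal == null ? "(null)" : principal.GetType().FullName);
        Console.WriteLine("Identity name   : {0}",
            identity == null ? "(null)" : identity.Name);
        Console.WriteLine("Authenticated   : {0}",
            identity != null && identity.IsAuthenticated);
        Console.WriteLine("Auth type       : {0}",
            identity == null ? "(null)" : identity.AuthenticationType);
        Console.WriteLine("IsInRole({0}) : {1}",
            role, principal != null && principal.IsInRole(role));
        // The Windows token of this thread (process token unless impersonating).
        Console.WriteLine("Windows identity: {0}", WindowsIdentity.GetCurrent().Name);

        try
        {
            // Same check as [PrincipalPermission(SecurityAction.Demand, Role = role)]:
            // any authenticated user name, but the role must match.
            new PrincipalPermission(null, role).Demand();
            return true;
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("Demand failed   : {0}", ex.Message);
            return false;
        }
    }

    static void Main()
    {
        AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
        // Assumed role string; WindowsPrincipal matches groups written as DOMAIN\Group.
        CheckRole(@"MYDOMAIN\RoleOnMyDomain");
    }
}
```

Calling CheckRole from inside the method that services the remote call shows whether the thread carries a WindowsPrincipal for the remote caller or some other principal or identity.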