|
Passing Security Context to remote objects
I have an asp.net app that is using .Net remoting (tcp/binary).
I am using Integrated Windows Authentication and will be authenticating against active directory. I will then need to use the ADSI DirectoryEntry and/or DirectorySearch to get the groups the user is in. Is there a way to pass the users security context that I get back from AD over to the remoting server so that I can do the searching from there? Thanks. STom |
Re: Passing Security Context to remote objects
Hi!,
How exactly is your app performing authentication using win auth? are you using SSPI and a custom channel? if you're authenticating the user at the client, you should do it at the server instead. you should use SSPI and authentication will be done at the remoting server, and then you'll have the context there. if you think I'm missing sthg, let me know. bye "STom" <stombiztalker@hotmail.com> wrote in message news:etKWdTvbDHA.2284@TK2MSFTNGP12.phx.gbl... > I have an asp.net app that is using .Net remoting (tcp/binary). > > I am using Integrated Windows Authentication and will be authenticating > against active directory. > > I will then need to use the ADSI DirectoryEntry and/or DirectorySearch to > get the groups the user is in. > > Is there a way to pass the users security context that I get back from AD > over to the remoting server so that I can do the searching from there? > > Thanks. > > STom > > |
Re: Passing Security Context to remote objects
The authentication is being performed automatically by using Integrated
Windows Security, therefore there is no reason to do this on the server side. We have figured out that we do not need to pass the security context to the server to do what we need to do, but thanks for your answer anyway. lw "Hernan Ochoa" <hochoa@corest.com> wrote in message news:%233pY$jicDHA.2508@tk2msftngp13.phx.gbl... > Hi!, > > How exactly is your app performing authentication using win auth? > are you using SSPI and a custom channel? if you're authenticating the user > at the client, you should do it at the server instead. > you should use SSPI and authentication will be done at the remoting server, > and then you'll have the context there. > > if you think I'm missing sthg, let me know. > bye > > "STom" <stombiztalker@hotmail.com> wrote in message > news:etKWdTvbDHA.2284@TK2MSFTNGP12.phx.gbl... > > I have an asp.net app that is using .Net remoting (tcp/binary). > > > > I am using Integrated Windows Authentication and will be authenticating > > against active directory. > > > > I will then need to use the ADSI DirectoryEntry and/or DirectorySearch to > > get the groups the user is in. > > > > Is there a way to pass the users security context that I get back from AD > > over to the remoting server so that I can do the searching from there? > > > > Thanks. > > > > STom > > > > > > |
Re: Passing Security Context to remote objects
oh, ok, so your remoting client was a webapp? sorry, I should've guessed it
:) mm, who does the search? the remoting server? mm, well, I don't actually understand exactly what you're doing, but if your remoting server is not requiring any kind of authentication/authz, I'd shtg about that. bye! "STom" <stombiztalker@hotmail.com> wrote in message news:%23d5Z0O6cDHA.2296@TK2MSFTNGP09.phx.gbl... > The authentication is being performed automatically by using Integrated > Windows Security, therefore there is no reason to do this on the server > side. > > We have figured out that we do not need to pass the security context to the > server to do what we need to do, but thanks for your answer anyway. > > lw > "Hernan Ochoa" <hochoa@corest.com> wrote in message > news:%233pY$jicDHA.2508@tk2msftngp13.phx.gbl... > > Hi!, > > > > How exactly is your app performing authentication using win auth? > > are you using SSPI and a custom channel? if you're authenticating the user > > at the client, you should do it at the server instead. > > you should use SSPI and authentication will be done at the remoting > server, > > and then you'll have the context there. > > > > if you think I'm missing sthg, let me know. > > bye > > > > "STom" <stombiztalker@hotmail.com> wrote in message > > news:etKWdTvbDHA.2284@TK2MSFTNGP12.phx.gbl... > > > I have an asp.net app that is using .Net remoting (tcp/binary). > > > > > > I am using Integrated Windows Authentication and will be authenticating > > > against active directory. > > > > > > I will then need to use the ADSI DirectoryEntry and/or DirectorySearch > to > > > get the groups the user is in. > > > > > > Is there a way to pass the users security context that I get back from > AD > > > over to the remoting server so that I can do the searching from there? > > > > > > Thanks. > > > > > > STom > > > > > > > > > > > > |
| All times are GMT. The time now is 06:43 PM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.