Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > ASP.NET security and RSA SecurID

Reply
Thread Tools

ASP.NET security and RSA SecurID

 
 
Alan Chen
Guest
Posts: n/a
 
      09-15-2004
Hi,
I have a dll that wraps RSA SecurID package. It works great if I call
the api from a Console app. But SD_Check() always failed (Access
denied even if I passed in correct user id and passcode) every time
when I call the api from a web service or a web app. I suspect that
web.config or IIS need to be modified but don't know how.
Any suggestions? Thanks.
 
Reply With Quote
 
 
 
 
Joe Kaplan \(MVP - ADSI\)
Guest
Posts: n/a
 
      09-16-2004
What if you change the processModel or App Pool ID to a more privileged
account such as an administrator or SYSTEM? It could be that it is trying
to access a file or registry key that requires a more privileged account
than what ASP.NET is running under.

Regmon or Filemon from SysInternals is often very helpful at tracking this
kind of thing down. Running the console app under a regular user account
might be good too.

I'd love to see your code if you'd be interested in sharing. I've got ACE
servers out the wazoo here!

HTH,

Joe K.

"Alan Chen" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) om...
> Hi,
> I have a dll that wraps RSA SecurID package. It works great if I call
> the api from a Console app. But SD_Check() always failed (Access
> denied even if I passed in correct user id and passcode) every time
> when I call the api from a web service or a web app. I suspect that
> web.config or IIS need to be modified but don't know how.
> Any suggestions? Thanks.



 
Reply With Quote
 
 
 
 
Alan Chen
Guest
Posts: n/a
 
      09-16-2004
Joe,
Thanks for your reply.
You are right and nice tool you suggested, I use Regmon and found the
difference as follow:

10:07:52
AM aspnet_wp.exe:1104 OpenKey HKLM\SOFTWARE\SDTI\ACECLIENT ACCDENIED
9:59:47
AM ConsoleApplicat:3696 OpenKey HKLM\SOFTWARE\SDTI\ACECLIENT SUCCESS
The first item is from Web app and second is from Console app.
For quick experiment, I just gave ASPNET user a Admin priviledge
temperarely and the web app passed the check!
I will probably use impersonate to get a more elegant solution.

For you reference, I got most of the code from here:
http://groups.google.com/groups?q=sd...F-8&selm=%235y
FTrV7DHA.1428%40TK2MSFTNGP12.phx.gbl&rnum=1

I made it a dll and reference in both console and web app. The test I
used is very simple:

private void Button1_Click(object sender, System.EventArgs e)
{
string userName = TextBox1.Text;
string passcode = TextBox2.Text;
int status = Authentication.VerifySecurID(userName, passcode);
TextBox3.Text = status.ToString();
}




*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Rsa SecurID m.bergonzoni@gmail.com Cisco 4 01-30-2009 03:12 AM
RSA SecurID token authentication? Chris Shenton Python 1 05-31-2007 02:07 PM
maybe OT: RSA ACE/Server - SecurID login from NAS Martin Bilgrav Cisco 7 09-09-2005 01:26 PM
64bit VPN with RSA SecurID =?Utf-8?B?QW5keQ==?= Windows 64bit 0 08-01-2005 12:32 AM
Can I use PPTP-based VPN with Cisco PIX and RSA Securid? Trond Hindenes Cisco 1 07-10-2003 12:14 PM



Advertisments