Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > function call from unmanaged code returns empty string - HELP!!!!

Reply
Thread Tools

function call from unmanaged code returns empty string - HELP!!!!

 
 
Joe
Guest
Posts: n/a
 
      02-17-2009
HI ng,

I am attempting to call a function in a managed .NET DLL from an asp page
that signs an xml doc and returns the string to the calling asp page.

I have this code working in my windows test app with no prob, but cannot
seem to make the same call from my classic asp page.

When I view the asp page my object gets created no problem, my function gets
called, but seems to fail around the point where I create a
RSACryptoServiceProvider object.

To me this says it is a permissions issue, but I do not know what permission
and where.

thx for help!


 
Reply With Quote
 
 
 
 
Joe Kaplan
Guest
Posts: n/a
 
      02-18-2009
It sounds like a probable permissions problem on the private key associated
with the certificate. By default, only admin and system have permissions to
read a private key. The ASP app will run under an app pool identity but ASP
also always impersonates the authenticated user (or the anonymous user if
anonymous auth is used), so it would need permissions to read the private
key. The key would also need to be stored in the Machine store and not in
the local user store.

If you don't want to give permissions to the private key to the
authenticated user, you might need to consider putting your COM component
under COM+ and running it as a fixed identity that is granted the necessary
permissions.

Tools like process monitor from MS/SysInternals can help with finding these
types of permissions issues on files and registry keys.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
"Joe" <(E-Mail Removed)> wrote in message
news:utUh$(E-Mail Removed)...
> HI ng,
>
> I am attempting to call a function in a managed .NET DLL from an asp page
> that signs an xml doc and returns the string to the calling asp page.
>
> I have this code working in my windows test app with no prob, but cannot
> seem to make the same call from my classic asp page.
>
> When I view the asp page my object gets created no problem, my function
> gets called, but seems to fail around the point where I create a
> RSACryptoServiceProvider object.
>
> To me this says it is a permissions issue, but I do not know what
> permission and where.
>
> thx for help!
>


 
Reply With Quote
 
 
 
 
Joe Van Meer
Guest
Posts: n/a
 
      02-19-2009
Thx Joe!

I appreciate your information, your tip about "The key would also need to be
stored in the Machine store and not in
> the local user store." was dead on the issue. Turns out it was installed
> in localUser's not the localmachine's.


cheers & thanks mate, joe





"Joe Kaplan" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> It sounds like a probable permissions problem on the private key
> associated with the certificate. By default, only admin and system have
> permissions to read a private key. The ASP app will run under an app pool
> identity but ASP also always impersonates the authenticated user (or the
> anonymous user if anonymous auth is used), so it would need permissions to
> read the private key. The key would also need to be stored in the Machine
> store and not in the local user store.
>
> If you don't want to give permissions to the private key to the
> authenticated user, you might need to consider putting your COM component
> under COM+ and running it as a fixed identity that is granted the
> necessary permissions.
>
> Tools like process monitor from MS/SysInternals can help with finding
> these types of permissions issues on files and registry keys.
>
> --
> Joe Kaplan-MS MVP Directory Services Programming
> Co-author of "The .NET Developer's Guide to Directory Services
> Programming"
> http://www.directoryprogramming.net
> "Joe" <(E-Mail Removed)> wrote in message
> news:utUh$(E-Mail Removed)...
>> HI ng,
>>
>> I am attempting to call a function in a managed .NET DLL from an asp
>> page that signs an xml doc and returns the string to the calling asp
>> page.
>>
>> I have this code working in my windows test app with no prob, but cannot
>> seem to make the same call from my classic asp page.
>>
>> When I view the asp page my object gets created no problem, my function
>> gets called, but seems to fail around the point where I create a
>> RSACryptoServiceProvider object.
>>
>> To me this says it is a permissions issue, but I do not know what
>> permission and where.
>>
>> thx for help!
>>

>


 
Reply With Quote
 
Joe Kaplan
Guest
Posts: n/a
 
      02-19-2009
Glad that was easy. These issues frequently are not.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
"Joe Van Meer" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thx Joe!
>
> I appreciate your information, your tip about "The key would also need to
> be stored in the Machine store and not in
>> the local user store." was dead on the issue. Turns out it was installed
>> in localUser's not the localmachine's.

>
> cheers & thanks mate, joe
>
>
>
>
>


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
GetControlValidationValue returns empty string kurt sune ASP .Net 0 09-01-2006 12:40 PM
HTTPResponse.read() returns an empty string? Christoph Söllner Python 2 10-18-2005 10:10 PM
[bug] String#split returns extra empty string Simon Strandgaard Ruby 8 06-01-2004 01:52 PM
java String split returns an additional first empty string Hanif Java 6 10-17-2003 06:21 AM
Security problem with Managed Code calling Unmanaged Code in a Web Page GAH ASP .Net Security 0 07-11-2003 06:27 PM



Advertisments