.net qr code generator sdk SECURING .NET REMOTING in Visual Basic .NET

Print QR Code in Visual Basic .NET SECURING .NET REMOTING

CHAPTER 5 SECURING .NET REMOTING
Generating QR Code JIS X 0510 In Visual Basic .NET
Using Barcode maker for VS .NET Control to generate, create QR Code 2d barcode image in Visual Studio .NET applications.
www.OnBarcode.com
Read QR-Code In Visual Basic .NET
Using Barcode scanner for .NET framework Control to read, scan read, scan image in .NET applications.
www.OnBarcode.com
Listing 5-3. Client That Uses IIS s Built-In Authentication Methods using using using using using using using System; System.Runtime.Remoting; System.Runtime.Remoting.Channels; System.Collections; System.Runtime.Remoting.Services; General; // from General.DLL Server; // from server.cs
Make UPC-A Supplement 2 In Visual Basic .NET
Using Barcode generation for .NET Control to generate, create UPC-A image in Visual Studio .NET applications.
www.OnBarcode.com
1D Barcode Creator In VB.NET
Using Barcode maker for .NET Control to generate, create Linear Barcode image in .NET framework applications.
www.OnBarcode.com
namespace Client { class Client { static void Main(string[] args) { try { String filename = "client.exe.config"; RemotingConfiguration.Configure(filename); CustomerManager mgr = new CustomerManager(); Console.WriteLine("Client.Main(): Reference to CustomerManager " + " acquired"); IDictionary props = ChannelServices.GetChannelSinkProperties(mgr); props["username"] = "dummyremotinguser"; props["password"] = "12345"; Customer cust = mgr.getCustomer(4711); int age = cust.getAge(); Console.WriteLine("Client.Main(): Customer {0} {1} is {2} " + "years old.", cust.FirstName, cust.LastName, age); } catch (Exception e) { Console.WriteLine("EX: {0}",e.Message); } Console.ReadLine(); } } }
Barcode Generation In VB.NET
Using Barcode printer for Visual Studio .NET Control to generate, create Barcode image in .NET applications.
www.OnBarcode.com
QR Code Generator In Visual Basic .NET
Using Barcode printer for VS .NET Control to generate, create QR Code JIS X 0510 image in .NET framework applications.
www.OnBarcode.com
CHAPTER 5 SECURING .NET REMOTING
2D Encoder In VB.NET
Using Barcode encoder for VS .NET Control to generate, create Matrix image in Visual Studio .NET applications.
www.OnBarcode.com
Identcode Drawer In Visual Basic .NET
Using Barcode creator for .NET Control to generate, create Identcode image in .NET framework applications.
www.OnBarcode.com
This client now connects to the server and authenticates the user against the specified Windows user account on the server machine. You can see in Figure 5-6 what happens when you change the password for DummyRemotingUser.
QR Code Creation In .NET Framework
Using Barcode printer for Reporting Service Control to generate, create QR image in Reporting Service applications.
www.OnBarcode.com
QR Code JIS X 0510 Printer In .NET
Using Barcode generation for ASP.NET Control to generate, create QR Code ISO/IEC18004 image in ASP.NET applications.
www.OnBarcode.com
Figure 5-6. Incorrect username/password combination
Encoding Data Matrix 2d Barcode In Java
Using Barcode maker for Java Control to generate, create DataMatrix image in Java applications.
www.OnBarcode.com
Read Code-128 In Visual Studio .NET
Using Barcode scanner for .NET framework Control to read, scan read, scan image in .NET applications.
www.OnBarcode.com
Securing the Sign-On Process
Data Matrix 2d Barcode Encoder In None
Using Barcode encoder for Software Control to generate, create Data Matrix ECC200 image in Software applications.
www.OnBarcode.com
QR Code Decoder In None
Using Barcode recognizer for Software Control to read, scan read, scan image in Software applications.
www.OnBarcode.com
In the preceding examples, I used the so-called HTTP basic authentication. This enables a great deal of interoperability between various Web servers and proxies. Unfortunately, this type of authentication allows a playback attack, which means that someone who uses software or a device to monitor all network traffic can later incorporate the transferred username/password combination in his or her own requests. When both the client and the server are based on Windows XP 2000, or NT, you can use , Windows integrated authentication, which results in either NTLM or Kerberos (see Authentication Protocols in Windows earlier in this chapter). But remember that NTLM is a nonstandard mechanism that unfortunately does not work with all HTTP proxies. Furthermore, it requires you to open some ports on your firewall. However, if it is supported by the proxies of your users or your work in an intranet scenario, it nevertheless provides considerably higher security against playback attacks. You can switch to this authentication scheme using Internet Services Manager MMC, as shown in Figure 5-7. Neither the client s code nor the server s code has to be changed after this switch.
1D Barcode Encoder In Java
Using Barcode drawer for Java Control to generate, create Linear image in Java applications.
www.OnBarcode.com
Make Linear 1D Barcode In Visual C#.NET
Using Barcode maker for .NET Control to generate, create Linear Barcode image in .NET framework applications.
www.OnBarcode.com
Figure 5-7. Enabling Windows authentication
Creating Barcode In Java
Using Barcode drawer for Java Control to generate, create Barcode image in Java applications.
www.OnBarcode.com
Encode Code 3/9 In Visual Studio .NET
Using Barcode creation for ASP.NET Control to generate, create Code39 image in ASP.NET applications.
www.OnBarcode.com
CHAPTER 5 SECURING .NET REMOTING
Drawing Barcode In None
Using Barcode encoder for Office Word Control to generate, create Barcode image in Microsoft Word applications.
www.OnBarcode.com
Painting Code128 In None
Using Barcode maker for Online Control to generate, create Code 128A image in Online applications.
www.OnBarcode.com
Note You can also enable both basic and Windows authentication at the same time. The remoting framework (as well as standard Internet Explorer) will choose the most secure method that has been announced by the server.
Enabling Single Sign-On
When your user is authenticated against the same Windows domain in which your server is located, you finally can use integrated security. This will log your users on to the server without further need of specifying usernames or passwords. The HTTP channel has a property called useDefaultCredentials. When this property is set to true via the configuration file and no username or password is specified within the ChannelSink s properties, the credentials of the currently logged-on user will be passed to the server. Because Windows 2000 can t get to a user s cleartext password, this scheme is only possible when using Windows authentication on your Web server. When you want to switch to this authentication scheme, you just have to remove all calls to the channel sink s properties, which set the username or password, and instead include the following configuration file: <configuration> <system.runtime.remoting> <application> <channels> <channel ref="http" useDefaultCredentials="true" /> </channels> <client> <wellknown type="Server.CustomerManager, Client" url="http://localhost:8080/MyAuthServer/CustomerManager.soap" /> </client> </application> </system.runtime.remoting> </configuration>
Encryption and IIS
Using authentication, especially the Windows NT challenge/response authentication method, will give you a somewhat secured environment. Nevertheless, when transferring sensitive data over the Internet, authentication is just not enough encryption needs to be applied as well. Hosting your components in IIS gives you a head start when it comes to encryption, as you can easily leverage the built-in SSL capabilities. All it takes is installing a server-side
CHAPTER 5 SECURING .NET REMOTING
certificate3 and changing the URL in the client-side configuration file. After making an edit to just one line (changing http: to https: ), all traffic will be secured including the HTTP headers, authentication information, and, of course, the transferred data. The changed configuration file looks like this: <configuration> <system.runtime.remoting> <application> <client> <wellknown type="Server.CustomerManager, Client" url="https://localhost/MyAuthServer/CustomerManager.soap" /> </client> </application> </system.runtime.remoting> </configuration> SSL encryption is sometimes accused of imposing a somewhat huge overhead. This is not always true, because the real asymmetric cryptography only takes place during the process of establishing the secured HTTP connection. This secure connection will be reused, and the overhead thus minimized.
Note You can get certificates either through buying them from a well-known authority like VeriSign or you
can set up your own certificate authority (Windows 2000 Server or Windows Server 2003 includes certificate services that can be installed). When using your own certificate authority or using selfssl.exe of the IIS resource kit for issuing a server certificate, you have to configure the client to trust your certificate authority by installing the authority s certificate in the Trusted root Certification Authorities area in your Windows certificate store.4
When testing the example in 2 using both HTTPS and HTTP you ll see that a binary , formatter via HTTPS/SSL is faster, and fewer bytes are transferred over the network than when using a SOAP formatter via conventional HTTP .
3. Hint: you can get free certificates for development purposes from VeriSign (http://www.verisign.com). You can also download and install the IIS resource kit from http://www.microsoft.com/downloads, which includes a tool called selfssl.exe that can be used for creating a SSL certificate as well as enabling SSL on IIS with just one step. SelfSSL is intended for installing SSL on development and/or test machines. 4. To get to the Windows certificate store, log on as administrator and start a management console through Start Run mmc.exe. Afterwards select File Add/Remove Snap In and add the Certificates MMC snap-in. This snap-in allows you to manage the certificates of your local machine as well as the current user profile. Actually, certificates are stored in the Documents and Settings\All Users\ Application Data\Microsoft directory.
Copyright © OnBarcode.com . All rights reserved.