WCF Security When Trusted Bunch Of Client/servers Communicationg Over Internet?

Feb 22, 2011

I have some dedicated servers running ASP.NET applications over internet. All servers are fully trusted (all belongs to the same company) and need to communicate to each other in a secure way. They are not part of a domain or work group and should not be.Each server acts as both client and server of some WCF services. These services are few (1-2 per server) and light (a little data is transferred on each call).

I can use self-signed SSL certificates or X509. I'm looking for some way to make sure nobody from internet can call a WCF service on a server. New server would be added in the future.I read about WCF but now I'm confused, is it good idea to use self-signed SSL certificates or not (non self-signed is not an option at the moment), which binding to use, which security mode to use, which authentication method to use

View 2 Replies


Similar Messages:

C# - How To Add URL To The Trusted Zone In Internet Explorer

Mar 18, 2010

How can I add an URL to the trusted site? It seems that there are stored in the registry, but where exactly?

The .net programm will run locally on each client.

Edit clarification: I want to do this programmaticly running C# code.

View 5 Replies

Security :: The User Is Not Associated With A Trusted SQL Server Connection?

Oct 25, 2010

when i am trying to test my webpage i get this message : " Login failed for user ''. The user is not associated with a trusted SQL Server connection. " idon`t know what to do with
because it`s my first webapp

View 7 Replies

Security :: Application Certificate - Using A Trusted Subsystem Model?

Aug 9, 2010

I have found below link. What is the procedures in installing and setup of using a trusted subsystem model?? It involves in using application certificate in which how can I find and generate???
[URL]

View 1 Replies

Web Forms :: Sending Data From Client To Server Via Internet?

Jul 15, 2010

i have a website in our office which is a School. the website is an enrollment website which is available view internet, where the users (students) access the website to enroll almost simultaneously, select their subjects and schedules, etc.

this website is developed by someone who is no longger employed here. regular problem of the website is in times of enrollment, the students is experiencing slow processing when ever thay try to view/edit their information, subjects, etc. which are all in the database. a proposal was made and we have agreed to develop a new system that should run faster than the old system. access sql database to do Select/Update/Insert in the fastest way possible.

View 6 Replies

Security :: Forms Authentication In Multiple Servers

Mar 7, 2011

I have two applications with a single domain name ([URL] and [URL]). First one has been developed in .NET 2 and the other one with .NET 4. I have configured web.config as these steps:

1- I've set the same machine key for both of them.
2- I've set the coockie name.
3- I've set the domain name to "domain.com".
4- Also, I've set hardcoded coockie domain name to "domain.com" .

Everything was working fine when both of them were running on a single web server. Recently, I've been asked to move test.domain.com to another server. After moving, authentication ticket is not valid on the second server. I tested both of them on a single server again and everything was workinh fine, but in two servers users can't acces to test.domain.com. (Authentication Ticket is invalid)

Edited: The second server is a virtual (VMWare) server. I don't have any problem in physical servers. I checked the server's time to be synchronized. I also used fiddler to see if the server does not get the auth ticket and ther ticket is sent to the 2nd server. Note: Servers are located in different networks and maybe proxy or firewall causes this (I've no idea)

View 3 Replies

Double Hop On Workgroup Servers Vs Domain Servers

Nov 16, 2010

I am trying to set up my web site on a stand alone server using Windows Server 2003 with IIS 6 which will access SQL server database (2008) on windows 2008 R2 server (also not in the domain) I am using form authentication and I have configured a custom identity account in IIS6. The local account is on both servers with same password and I have registered the account using aspnet_regiis.exe -ga The application pool in my iis6 has the custom local account set as the identity and my web.config file has the appropriate tags in the system.web element <identity impersonate="true" />

The problem is the local account does not seem to get passed to the sql server. Right now my iis settings are anonymous access (using the local acct vs isr) and no authentication specified under that - I did try Integrated and basic but it prompts for the username and password which I do not want. One article I read stated this: windows authentication does not support delegation (passing credentials from one server to another) and is limited to the one hop rule, only a primary token can be passed to a second server. windows
authentication on iis (all versions) gives the thread a secondary(impersonation) token which can not be used to access any network resouce

View 1 Replies

Security :: Programmatically Creating User Instance When Servers Are Different

Jan 7, 2011

I need to create .net membership user instance for a database living in a different server than the one I'm coding in. What is the best way to do this?Should I do it though Sql Server stored procedure? or should I use a separate provider (therefore having 2) in my web.config?

I need to create this user without using the "create user wizard".

View 8 Replies

SQL Reporting :: AllowPartiallyTrustedCallersAttribute Or RSClientController Undefined - Error "Type Microsoft.Reporting.RdlBuildProvider Cannot Be Instantiated Under A Partially Trusted Security Policy"

Feb 26, 2010

first of all: this probelm was already an issue in [URL] but it does not resolve my problem: I have VS2008 and SQL Server 2008 Express with Adv. Option istalled. When compiling a page with the reportviewer control I get the error Type 'Microsoft.Reporting.RdlBuildProvider' cannot be instantiated under a partially trusted security policy (AllowPartiallyTrustedCallersAttribute is not present on the target assembly). C:websitesadAgencyweb.config

From the obove mentioned post I learned to use <trust level="Full" /> in the web.config file (which I never used on other Implementations that work). Now the compilation works, but when I start the web application and call that page I get a lot of JScrip Errors like: Runtime error in Microsoft JScript: 'RSClientController' is undefined, which comes from a line in the dynamic page.aspx file: document.getElementById('ctl00_maincontent_ReportViewer1').ClientController = new RSClientController "ctl00_maincontent_ReportViewer1_ctl03", "ReportFramectl00_maincontent_ReportViewer1", ...

I should mention, that I had SQL Server 2005 Express uninstalled before the 2008 version.

View 1 Replies

Security :: Save Session When Internet Explorer Closes

Mar 9, 2010

I am using ASP.NET Memberships and I have the timeout set to 100, when the user logs into the system in Internet Explorer (6 or 8) and then closes the window and tries to open it back up... It asks the user to login again. Why is that and how can I disable that?

View 3 Replies

Security :: Internet Explorer 8 Denies Session Cookies

Jul 22, 2010

i am having this weird problem only when i deploy my site [localy Everything works fine] when you try loging in from IE 8, the page simple refreshes! and no authentication takes place After lot of research, i found out that Internet Explorer 8 denies session cookies and to confirm this, i unchecked Enable protected mode (can be found in, internet options, security), and then tried logging in, it worked perfectly fine just like it did in other browsers [Firefox and google chrome]. I have found one solution which is to lower the security level, but i cant tell every visitor on my site to do that since its not practical.

View 1 Replies

Security :: Diff Between Internet And Intranet Application Developemnt

Mar 22, 2010

diff between internet And intranet applications design. How they are deff in authentication. What kind of authentications is possible?

View 1 Replies

Security :: Request.UrlReferrer Does Not Work In Internet Explorer?

Apr 25, 2010

i have a problem in my asp application . Im trying to protect the path for my application using this code :

Uri t = Request.UrlReferrer;

View 10 Replies

IE7 Internet Explorer Cannot Open The Internet Site, Operation Aborted

Jun 10, 2010

when i test this page http://www.catalogues4u.com.au/ViewCategory.aspx?catID=119 im getting the above error. to replicate this issue visit the above page in ie7 and you will get the prompt.

View 3 Replies

Security :: Some Users Are Unable To Access My Internet Site With Windows Authentication?

Oct 15, 2010

I have an intranet site that i set up to windows authentication. It works fine most of the time but some departments wont be able to access the site and will be asked to enter user name and password.I checked their Active Directory account and the only difference i could see was that the organizational unit parameter was different than the rest of the users.

View 5 Replies

How To Convert A Bunch Of .asp To .aspx

Apr 28, 2010

I want to port an existing, legacy, ecommerce website from ASP to ASP.NET.What approaches do I have ?is there a way to run an ASP file with an ASP.NET engine ?are there tools to automatically convert ASP to ASP.NET and do they work on complex websites

View 3 Replies

How To Display A Whole Bunch Of Details For Student

May 16, 2010

In my ListView control, I display a whole bunch of details for students. One of the fields -- Status -- returns a boolean value. I don't want to display True or False. I'd rather display something more meaningful in English. How do I display "Approved" or "Declined" instead of simple True or False for the following?

[Code]....

View 2 Replies

The User Is Not Associated With A Trusted SQL Server Connection?

Mar 22, 2010

My web service app on my Windows XP box is trying to log in to my sql server 2005 database on the same box. The machine is part of a domain. I am logged in in the domain and I am an admin on my machine. I am using Windows Authentication in my connection string as in "Server=myServerAddress;Database=myDataBase;Trusted_Connection=True". SQLServer is configured for both types of authentication (mixed mode) and accepts remote connections and accepts tcp and named pipes protocols. Integrated authentication is enabled in IIS and with and without anonymous access. 'Everyone' has access to computer from network setting in local security settings. ASPNET is a user in the sql server and has access to the daatabase. user is mapped to the login.

The app works fine for other developers which means the app shouldn't be changed (It's not new code). So it seems it's my machine which has an issue.

I am getting the error "Login failed for user ''. The user is not associated with a trusted SQL Server connection" Note the blank user name. Why am I getting this error when both the app and database are on my machine? I can use SQL Server authentication but don't want to. I can connect to the database using SSMS and my Windows credentials.

It might be related to setspn, kerberos, delegation, AD. I am not sure what further checks to make?

View 2 Replies

How To Compile An AVI File From A Bunch Of Bitmaps In C#

Mar 15, 2011

I've already heard of http://www.codeproject.com/KB/audio-video/avifilewrapper.aspx
...but I just can't get it to work with ASP.NETI've perused the source about a hundred times looking for anything that might suggest it's incompatible with .NET 3.5 or not going to work with my other frameworks.

View 1 Replies

SQL Server :: Updating Bunch Of Records At Time?

Sep 15, 2010

If I want to update 1000 records at a time in the database what is the best approach.

View 6 Replies

Web Forms :: That Assembly Does Not Allow Partially Trusted Callers?

Jan 13, 2011

I am developing an application using VS2008 .Net 3.5 with MS SQL 2008 targeting .Net 2.0

The project is created as Web Application ... does not use any third party controls

I have changed both my web.config and assemblyinfo.cs with AllowPartiallyTrustedCallers ...

I am still getting the error message, "That assembly does not allow partially trusted callers"

View 3 Replies

Web Forms :: That Assembly Does Not Allow Partially Trusted Callers.

Jan 8, 2011

I'm using this: http://code.google.com/apis/recaptcha/docs/aspnet.html ...

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: That assembly does not allow partially trusted callers.

Source Error: [Code]....
Source File: d:hosting4646264htmlgreenstormsContact.aspx Line: 228 Stack Trace: [Code]....

Version Information: Microsoft .NET Framework Version:2.0.50727.3615; ASP.NET Version:2.0.50727.4049

View 1 Replies

Fiddler Is Showing A Bunch Of 404 Errors To Embedded Dlls?

Dec 28, 2010

In the application, there is an HTML page that references a .dll (dllMain) using an <object> tag.

dllMain references several other dlls (dll1, dll2, and dll3).

When the web page is loaded, it loads just fine and everything works.

However, there is a bit of a delay in the load time, using fiddler I discovered that it is trying to find dll1, ddl2, and dll3 and failing, resulting in 404 errors... by watching the web page load while watching fiddler, it is clear the delay is from the 404 errors originating from trying to find these embedded dlls.

Is there any way to make the application stop probing for these embedded dlls? Clearly it doesnt need to since the application is working even though these aren't being found?

View 3 Replies

Visual Studio :: Run Partially Trusted Code In A Sandbox

May 7, 2010

Is FileIOPermission Class obsolete in .net 4.0?

Now do I have to Run Partially Trusted Code in a Sandbox [URL]?

View 3 Replies

C# - PrincipalContext.ValidateCredentials Slow With Trusted Domain Using NetBios Name

Feb 18, 2011

I've created a service that validates credentials against Active Directory using System.DirectoryServices.AccountManagement. I need to validate credentials against the local domain as well as a trusted domain. The response time for validating credentials is fast for both the local and trusted domain when run on my computer. When I move this service to our server, the local domain response is fast however, the trusted domain response is very slow (20 - 30 seconds).

I've also found that if I change the domain name in the PrincipalContext from the NetBios name to the DNS name it corrects the the performance problem on the server.

Here's some examples

PrincipalContext context = new PrincipalContext(ContextType.Domain, sNetBiosName)
context.ValidateCredentials(sUsername, sPassword)

On the server, the above will take 20-30 seconds using the NetBios Name

PrincipalContext context = new PrincipalContext(ContextType.Domain, sDNSName)
context.ValidateCredentials(sUsername, sPassword)

Using the DNS name the response is 0-2 seconds

Any ideas on what needs to be setup on the server to speed this up using the NetBios name?

View 2 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved