远程远程Windows身份验证......可能吗? [英] Windows authentication over remoting... possible?
本文介绍了远程远程Windows身份验证......可能吗?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我必须开发一个应用程序,它将包含一项服务和一个
windows窗体应用程序......该服务可以打开一个远程服务器,但我需要验证用户是否属于同一个域。所以当
应用程序启动时,我可以发送一些东西到远程服务并查询
一些对象,如果我是正确的话,服务可以给我这些对象用户
(右侧组的一部分)。我不想通过网络发送用户名和密码,也不想通过网络发送
密码哈希所以如果有更好的方式(就像SQL
服务器那样或许多其他应用程序) ),我想知道它(也许你有
a链接)
谢谢
ThunderMusic
Hi,
I have to develop an application that will consist of a service and a
windows forms application... the service could be on a distant server but I
need to authenticate the user as being part of the same domain. so when the
application starts, I can send something to the remote service and query for
some objects and the service can give me the objects if I''m the right user
(part of the right group). I don''t want to send username and password nor
password hash over the network so if there is a better way (just like SQL
server does or many other apps), I would like to know it (maybe if you have
a link)
Thanks
ThunderMusic
推荐答案
ThunderMusic,
不容易。您可以在IIS中托管远程对象,然后它将使用您在IIS中配置的身份验证机制。
另外,我相信这将是强迫你以某种方式设计你的对象(对于无状态调用,因为HTTP的机制是无状态的)。我在这里可能是错误的
。
我老实说不会使用或推荐远程作为分布式对象
技术。如果你现在必须开发你的应用程序(意思是明天将它拿出来),那么我建议使用COM + / Enterprise Services。
如果你有空闲时间,并且不介意使用
预发布软件进行开发,我会研究Windows Communication Foundation。
无论哪种方式在我的书中,远程处理是一个死胡同。
希望这会有所帮助。
-
- Nicholas Paldino [.NET / C#MVP]
- mv*@spam.guard.caspershouse.com
" ThunderMusic" < No ************************* @ NoSpAm.com在留言中写道
新闻:eR ***** ********* @ TK2MSFTNGP04.phx.gbl ...
ThunderMusic,
Not easily. You can host your remoted objects in IIS, and then it would
use the authentication mechanism that you have configured in IIS.
Also, I believe this will force you to design your objects in a certain
way (for stateless calls, since the mechanism for HTTP is stateless). I
could be wrong here.
I would honestly not use or recommend remoting as a distributed object
technology. If you have to develop your app now (meaning, get it out the
door tomorrow), then I would suggest using COM+/Enterprise Services.
If you have some time to spare, and don''t mind developing with
pre-release software, I would look into Windows Communication Foundation.
Either way, remoting is a dead-end in my book.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
"ThunderMusic" <No*************************@NoSpAm.comwrote in message
news:eR**************@TK2MSFTNGP04.phx.gbl...
我有开发一个包含服务和窗口表单应用程序的应用程序...该服务可能位于远程服务器上但是
我需要对用户进行身份验证成为同一领域的一部分。所以当应用程序启动时,我可以向远程服务发送一些东西,并且对某些对象进行
查询,如果我是<对象,服务可以给我这些对象br />
正确的用户(右侧组的一部分)。我不想通过网络发送用户名和
密码或密码哈希,所以如果有更好的方式
(就像SQL服务器或许多其他应用程序一样) ),我想知道它
(也许你有链接)
谢谢
ThunderMusic
Hi,
I have to develop an application that will consist of a service and a
windows forms application... the service could be on a distant server but
I need to authenticate the user as being part of the same domain. so when
the application starts, I can send something to the remote service and
query for some objects and the service can give me the objects if I''m the
right user (part of the right group). I don''t want to send username and
password nor password hash over the network so if there is a better way
(just like SQL server does or many other apps), I would like to know it
(maybe if you have a link)
Thanks
ThunderMusic
ThunderMusic写道:
ThunderMusic wrote:
我必须开发一个应用程序,它将包含一个服务和一个
windows窗体应用程序......该服务可能位于远程服务器上但是
我需要将用户身份验证为同一域的一部分。所以当应用程序启动时,我可以向远程服务发送一些东西,并且对某些对象进行
查询,如果我是<对象,服务可以给我这些对象br />
正确的用户(右侧组的一部分)。我不想通过网络发送用户名和
密码或密码哈希,所以如果有更好的方式
(就像SQL服务器或许多其他应用程序一样) ),我想知道它
(也许你有链接)
谢谢
ThunderMusic
Hi,
I have to develop an application that will consist of a service and a
windows forms application... the service could be on a distant server but
I need to authenticate the user as being part of the same domain. so when
the application starts, I can send something to the remote service and
query for some objects and the service can give me the objects if I''m the
right user (part of the right group). I don''t want to send username and
password nor password hash over the network so if there is a better way
(just like SQL server does or many other apps), I would like to know it
(maybe if you have a link)
Thanks
ThunderMusic
Hi ThunderMusic,
这可能有所帮助:
< ; UrlWillWrap>
http://msdn.microsoft.com/library/de...SecNetch11.asp
< / UrlWillWrap>
-
希望这会有所帮助,
Tom Spink
Hi ThunderMusic,
This may be of help:
<UrlWillWrap>
http://msdn.microsoft.com/library/de...SecNetch11.asp
</UrlWillWrap>
--
Hope this helps,
Tom Spink
好的,我找到了WindowsPrincipal类,它是可序列化的。这个类的
实例是否保证用户在计算机上登录并且已经验证了
,或者是否有办法查询域服务器,如果用户
是合法用户吗?我的意思是,我必须确保用户发出请求(或
查询)是他声称的并且已登录域。我的应用程序不支持
允许冒充,但我不希望任何人试图冒充我的网络上的某人并且声称存在,比如总统
公司并开始使用远程对象制作任何他想要的东西......你
知道我的意思吗?我需要一种方法来保护东西,所以只有经过身份验证的用户或我可以验证的用户才能访问这个服务
提供的对象。我绝对需要知道这个用户
所属的域名组...
谢谢
ThunderMusic
" ThunderMusic" < No ************************* @ NoSpAm.com在留言中写道
新闻:eR ***** ********* @ TK2MSFTNGP04.phx.gbl ...
Ok, I found the WindowsPrincipal class, and it''s serializable. Does an
instance of this class guaranty the user is logged on a computer and has
been authenticated or is there a way to query the domain server if the user
is a rightful user? I mean, I must be sure the user making the request (or
query) is who he claims to be and is logged on the domain. My app does not
allow impersonnation, but I don''t want anybody trying to impersonnate
someone on my network and claim being, let''s say, the president of the
company and start making anything he wants with the remote objects... you
know what I mean? I need a way to secure things so only an authenticated
user or a user I can authenticate can have access to the objects the service
is providing. And I definitly need to know the domain groups this user
belongs to...
Thanks
ThunderMusic
"ThunderMusic" <No*************************@NoSpAm.comwrote in message
news:eR**************@TK2MSFTNGP04.phx.gbl...
我有开发一个包含服务和窗口表单应用程序的应用程序...该服务可能位于远程服务器上但是
我需要对用户进行身份验证成为同一领域的一部分。所以当应用程序启动时,我可以向远程服务发送一些东西,并且对某些对象进行
查询,如果我是<对象,服务可以给我这些对象br />
正确的用户(右侧组的一部分)。我不想通过网络发送用户名和
密码或密码哈希,所以如果有更好的方式
(就像SQL服务器或许多其他应用程序一样) ),我想知道它
(也许你有链接)
谢谢
ThunderMusic
Hi,
I have to develop an application that will consist of a service and a
windows forms application... the service could be on a distant server but
I need to authenticate the user as being part of the same domain. so when
the application starts, I can send something to the remote service and
query for some objects and the service can give me the objects if I''m the
right user (part of the right group). I don''t want to send username and
password nor password hash over the network so if there is a better way
(just like SQL server does or many other apps), I would like to know it
(maybe if you have a link)
Thanks
ThunderMusic
这篇关于远程远程Windows身份验证......可能吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
