Remoting Authentication Configuration changes in Beta2


There are config setting changes for Tcp channel authentication in .net framework 2.0 Beta2. Here is a sample server configuration, Note that secure=”true” gives a setting of TokenImpersonationLevel.Identify and ProtectionLevel.EncryptAndSign:


<configuration>
      <system.runtime.remoting>
            <application name=”BVTServer”>
                  <service>
   <wellknown mode=”SingleCall” type=”Factory, server” objectUri=”Factory.soap” />
                  </service>
                  <channels>
                        <channel ref=”tcp” port=”8000″ secure=”true” impersonate=”true” protectionLevel=”EncryptAndSign”/>
                  </channels>
            </application>
      </system.runtime.remoting>
</configuration>


Here is the corresponding client side config:


<configuration>
   <system.runtime.remoting>
      <application>
         <client url=”tcp://localhost:3300/BVTServer”>
            <activated type=”SimpleServer, server”/>
         </client>
         <channels>
         <channel ref=”tcp” secure=”true” tokenImpersonationLevel=”Impersonation” protectionLevel=”EncryptAndSign”/>
         </channels>
     </application>
   </system.runtime.remoting>
</configuration>


Another change in Beta2 is that the client principal now flows in Thread.CurrentPrincipal.


Comments (2)

  1. staceyw says:

    Question on tcp authentication channel. Can’t seem to get it to work. Is this supposed to work even if the client is not a domain member, but knows the credentials. Such as a client like:

    IDictionary prop = new Hashtable();

    prop["username"] = "staceyw";

    prop["password"] = "pw";

    prop["domain"] = "wjsmobil";

    prop["protectionLevel"] = System.Net.Security.ProtectionLevel.EncryptAndSign;

    prop["tokenImpersonationLevel"] = System.Security.Principal.TokenImpersonationLevel.Impersonation;

    prop["useDefaultCredentials"] = false;

    prop["secure"] = true;

    TcpClientChannel tcpChannel = new TcpClientChannel(prop, null);

    I alwasy get authentication failure.

    Client and server on same XP Pro box for development and testing. TIA!

    –William Stacey [MVP]