Hi All,
I know that remoting does not have any built-in facilities for security. I've been
thinking it would be an interesting and informative pet project to try to incorporate
Windows security with a remoting channel. My conceptualization of the solution:
1. Create a managed wrapper around the SSPI APIs. I found a C++ lib (WSSPI) that
should make this a little easier. On the other hand, I'm not an experienced C++
programmer, so this should still be fun :-)
2. Create a channel based on an existing channel. Maybe I start with the Named
Pipe Channel Sample.
3. When the client channel connects to the server channel...
a. ...do an NTLM-style handshake using SSPI to create a context handle, then...
b. ...convert the context handle to a handle to an access token, then...
c. ...put the access token into the channel data store.
4. When a message is processed, put the access token into the logical call context.
5. Create a context utility class that has a RemotePrincipal property that is a
WindowsPrincipal object created with the access token in the call context.
Does this sound sensible/feasible? Am I making this too hard? Thanks for any
feedback.
Regards,
Daniel Pratt
You can read messages from the DOTNET archive, unsubscribe from DOTNET, or
subscribe to other DevelopMentor lists at http://discuss.develop.com.
