can winforms SET a cookie? will this work?

  • Thread starter Thread starter Jason Shohet
  • Start date Start date
J

Jason Shohet

When a machine starts up at our org, a batch job runs. In that batch job, I
want to call a .NET winforms applicaiton on the network (i'll make it
multithreaded). Can't run locally because they don't want the .net
framework on everyone's pc.
I want that .NET winforms application to write a cookie to the c: drive of
the user, containing the computername, and the name of the person logging in
(i can get those from the batch job and pass them to the winform app?).

Then later, the user will begin using a asp.net app. It will read from the
cookie and determine if the person using this app has rights to the
machine -- by comparing the info of the person that logged into this asp.net
app -- to the info in the cookie. Since users don't have access to their
cookies directory, this will be a secure way to enforce that people cannot
use others' machines here.

( can't use the gethost stuff with asp.net because we do NOT use netbios
here -- company is anti microsoft to an extent although we're all on
windows2000 :) )

Has anyone ever set a cookie using a windows app, or have code to show how
to do it? Or any other ideas to do what i'm trying to do lol.

Jason shohet
 
Why not use the security features included in IIS?
Enable the windows authentication for your web application, then you can
enable/disable users/groups from the web.config file.
From within ASP.NET you can get the username of the requesting user.

example from MSDN:

<configuration>
<system.web>
<authorization>
<allow roles="Admins"/>
<deny users="*"/>
</authorization>
</system.web>
</configuration>


Chris
 
The problem is this. People can log onto any machine. An admin, or a
regular user, we allow to move around, they can log onto any machine on the
network and use that machine.

But this one app -- the timekeeping application -- we want to make sure the
person logs on to ONLY his machine. How can we identify it as his machine:

1. a hidden cookie contains the currently logged on user & the machine
name
2. when user X logs onto the app, we take ask the db: "What machine is
user X assigned to?"
3. We take that machine, and compare it to the machinename in the cookie.
4. if they're different, we tell the user to get his butt back to his
machine and log on from there.

I don't see how IIS's security can help us out here (?)
I figured, lets start a hidden .NET winforms app during the computer's
startup, that will write that initial cookie. If I can do that i'm home
free....

jason shohet
 
Set cookies from winform!!!

Hi Jason Shohet,
I'm finding a solution the same your idea...
Can you give me some suggestion? or some code C# to do it...

Thank in advantage!
 
Back
Top