Remoting & Security

[OPM]

Hey guys,

Just wondering if it is possible to secure a remoting server by requiring
the client to submit a username and password? I know I can use the
IpcChannel to restrict access to the local machine, but I'd like to be able
to control who accesses the server but still have the server publicly
visible via HttpChannel or TcpChannel.

Cheers

 

[Cowboy \(Gregory A. Beamer\)]

Consider a switch to web services and using WSE or use SCF. A bit slower,
perf wise, (not much) but much easier to maintain and you can use UDDI for
discovery.

Can you restrict? Sure. Use ACLS on the service and it will force it. It is
a bit of a pain to have your software auto-respond, however, and the main
reason why Remoting (at least in 1.x and 2.0) is not worth the pain. Once
you get to WCF, Remoting becomes far easier, but then in 3.0 it looks a lot
like a web service (which it really is, although not tied to HTTP (and
possibly IIS) in 1.x/2.0 - WCF gives choices).

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

*********************************************
Think outside the box!
*********************************************