.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan
Fauzul Azmi
Asad Ali
Post New Web Links

Transport level security with netTcpBinding

Posted By:      Posted Date: September 09, 2010    Points: 0   Category :WCF
 
Does service and client need to be part of domain with netTcpBinding endpoint configured to used Transport security mode with Certificate based client credential type and protect level set to EncryptAndSign <bindings> <netTcpBinding> <binding name="CertificateWithTransport" maxBufferPoolSize="100000000" maxBufferSize="100000000" maxReceivedMessageSize="100000000" portSharingEnabled="true"> <readerQuotas maxDepth="100000000" maxStringContentLength="100000000" maxArrayLength="100000000" maxBytesPerRead="100000000" maxNameTableCharCount="100000000" /> <security mode="Transport"> <transport clientCredentialType="Certificate" protectionLevel="EncryptAndSign"/> </security> </binding> </netTcpBinding> </bindings> Thanks      -= JL =-


View Complete Post


More Related Resource Links

Can service authenticate itself ( at transport security level ) using username/password authenticati

  

hi

At transport level clients can be authenticated ( depending on the binding ) via certificate, username/password or windows account. I know service can authenticate itself to clients via certificates, but can it also authenticate itself at transport security level using username/password authentication or perhaps windows authentication?

For example, I thought we can set a username/password with which service authenticates itself via ServiceCredentials.UsernameAuthentication property, but it appears this property is only used to configure how clients get authenticated ( via username/password ) by a service.

thank you


Transport Level Security Vs Message Level Security in WCF

  
*Transport Level Security
It secures the actual transport (i.e. the pipe) over which the message passes through from client to a service. For
example it uses SSL (Secure Socket Layer) to ensure point-to-point protection.

*Message Level Security
It secures the message itself that is being transported from client to a service and vice versa.

Secure It: WS-Security and Remoting Channel Sinks Give Message-Level Security to Your SOAP Packets

  

As more organizations adopt XML-based Web Services, the need for message-level security has become evident. WS-Security, now supported in the Microsoft .NET Framework, addresses this need. Using the WS-Security framework, developers can implement channel sinks to intercept Remoting messages as they pass through the .NET Remoting infrastructure. The sink can read the message, change it, and pass it along. During this process, the message can be signed for added security. This article explains how to implement a Remoting channel sink that will modify the Remoting message by including a UserName token in the header, then sign the body using the token.

Neeraj Srivastava

MSDN Magazine November 2003


Transport Level Error

  
Hello,I have a ASP.NET 2.0 based web application. At a certain point, I restore a specific MS Sql Server Database from a previously saved backup. The restore works perfectly, however, when I try to access the application again I encounter this error:A transport-level error has occurred when sending the request to the server. (provider: Shared Memory Provider, error: 0 - No process is on the other end of the pipe.)If I just refresh the page, or in other words, I wait for a few moments and then access the web application, it works just fine. I am at a fix understanding as to what may be causing this. I have gone through couple of other posts in this forum and other material on the internet talking about Connection Pools and so on. At the end, I am still unable to resolve this issue? Should I stoop to a lower level and just add some sort of delay after the restore is done, so that the user will never (hopefully) encounter the above said hiccup, or is there a smarter way to deal with this?Also, I am using NetTiers template to access my MS Sql Server database.Any suggestions are welcome! Thanks!

Report Level Security in SSRS using Tsql

  
So i am Brand new in this area i have developed reports before and deployed them but never got an oppurtunity to work on security and who gets to see what.. Purpose of the view is thats what im thinking..   We have a reports database has 100 reports . What we are trying to do is have a faster way to manage report subscriptions. The tables i have is Analysts, SalesRep,SalesRepSubs and dbo.users.Dbo users are our web portal users where they can view reports. I want to create a table in which every report is viewed per security level. We have 6 layers of security layer 1 is lowers to layer 6 being highest. This is the relationship between tables Salesrep(SRID PK) Salesrep_sub (SRID_SUBID PK) Analysts : (AnalystIDPK) Users: The Table has all Users who are Salesrep,Sales Repsub and Analysts)(PKID PK) and we have cols SRID, SRID_SUBID & AnalystID) in this table. use Pricing go Alter View dbo.User_Access   AS select S.SR_name,u.SRID,sr.SRsub_name,u.SRID_SubID,U.Userid,u.username,u.Email, u.SecurityLevel,a.AnalystID from dbo.Users u join tbl_Analyst a on a.AnalystID=u.UserID join tbl_SalesRep s on s.SRID=u.SRID Join tbl_SalesRep_Sub sr on sr.SRID_SubID=u.SRID_SubID My question is what do i do next? Add this view to Report server? or how can i make it functionl?????????FM

Report Level Security in SSRS using Tsql

  
So i am Brand new in this area i have developed reports before and deployed them but never got an oppurtunity to work on security and who gets to see what.. Purpose of the view is thats what im thinking..   We have a reports database has 100 reports . What we are trying to do is have a faster way to manage report subscriptions. The tables i have is Analysts, SalesRep,SalesRepSubs and dbo.users.Dbo users are our web portal users where they can view reports. I want to create a table in which every report is viewed per security level. We have 6 layers of security layer 1 is lowers to layer 6 being highest. This is the relationship between tables Salesrep(SRID PK) Salesrep_sub (SRID_SUBID PK) Analysts : (AnalystIDPK) Users: The Table has all Users who are Salesrep,Sales Repsub and Analysts)(PKID PK) and we have cols SRID, SRID_SUBID & AnalystID) in this table. use Pricing go Alter View dbo.User_Access   AS select S.SR_name,u.SRID,sr.SRsub_name,u.SRID_SubID,U.Userid,u.username,u.Email, u.SecurityLevel,a.AnalystID from dbo.Users u join tbl_Analyst a on a.AnalystID=u.UserID join tbl_SalesRep s on s.SRID=u.SRID Join tbl_SalesRep_Sub sr on sr.SRID_SubID=u.SRID_SubID My question is what do i do next? Add this view to Report server? or how can i make it functionl?????????FM

security top total and current level

  
the locig of data is Country 1 - City1 - Company1 -> Nett Income Country 1 - City1 - Company2 -> Nett Income Country 1 - City1 - Company3 -> Nett Income                                                  Total Income   How can i achive the following logic  - the user (role) Company2 have to see only Total for City 1 (Company1+Company2+Company3), just total and Country 1 - City1 - Company2 -> Nett Income I can use dimension data and check Country 1 - City1 - Company2 but in this case he/she can't see totals for City 1 any ideas ?  

How to Provide Security at User level base in asp.net for certain pages

  
 Hi I have a site We have different Pages under one folder. we have stored these pages information in a database table with pageid. Then we have User access table. there we store userid and pageid , for which pages user has access. Now I need to provide access to that pages only . What to do. Could you please provide answer asap.   Thanks  

Page Level Security

  

How do I limit what User/Groups can see a page in SharePoint 2007? Within on particular SITE, I want to be able to say, for example, only Users in the X group can see this page.

I see on the Page Setting the "Audience Targeting" option, but that does not restrict anyone outside that group from clicking "All Site Content" then finding and opening the page from under Pages.

Can someone point me in the right direction?

Thanks in advance.


Todd C - MSCTS SQL Server 2005 - Please mark posts as answered where appropriate.

Menu - Role security not working on second level of sitemap

  

I have role assignments on both the first and second level of my menus within my sitemap file.  The first level works fine, and I only see items assigned to my role.

But roles assignments seem to have no effect on the second level.  It seems like if you have access to the first level, you have access to everything on the second level.

Is this correct?


From my sitemap (either a SalesRep or an Administrator can see everything underneath):

    <siteMapNode title="Administration" roles="SalesRep,Administrator" description="Admin" >

      <siteMapNode title="CompanyMaintenance" roles="SalesRep" url="~/Admin/CompanyManagement.aspx" />

      <siteMapNode title="Initialize Roles" roles="Administrator" url="~/Admin/Roles.aspx"/>

    </siteMapNode>

From my config:



    <roleManager enabled="true" defaultProvider="SqlRoleProvider">

Item Level Security Using Column Values

  

 

Has anyone successfully implemented item-level security in a SharePoint list using column values as the decision criteria? I realize this isn't out of the box functionality and would need to be custom coded.

 

For example, let's say that we have one document library that stores all of the HR documents about every employee in the company. One of the columns in the properties of the document stores which Office that employee reports to. There are HR staff that support each Office and should only have access to the files of employees who report to the same office that they do.

 

I know an option would be to create separate library or folder structures for each Office, but I'm curious if anyone has attempted to secure items or documents using properties instead.

 

Thanks.


How to setup WCF with wsHttpBinding, Transport Security with x509 certificate behind a load balancer

  

I'm having a difficult time setting up this WCF Service with wsHttpBinding, Transport Security, x509 and, the key part, the Load Balancer (F5). This all works without a problem in our Dev environment but as soon as I put it behind the F5 it fails giving me this message:

System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'servicechannelcert'. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

Is there any additional setup I need to do in IIS or the Load Balancer to handle these requests?

configuration files:

<binding name="wsHttpTransport">
 <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
  maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
 <security mode="Transport&

Row level security in 2008

  
Is there a row level security feature in SQL 2008? I found couple of topics about this but not clear answer. Is there this feature in 2008 or I have to implement row level manualy? Thanks

IIS hosted nettcpbinding security

  

Hi,

I have hosted my service in IIS with nettcpbinding and IIS set to Windows auth and Anonymous is disabled. when i browse svc file i get error "security setting of service required anonmous but is not enabled on iis application site".

when i use below config file, i get this error. But when i use second config setting, i don't get this error. I am not able to figure out the diffference in 2 config files.

1.  (this setting doesn't work)

<system.serviceModel>
<behaviors>
   <serviceBehaviors>
    <behavior >
     <serviceMetadata httpGetEnabled="false" />

nettcpbinding with windows security in iis hosted service

  

Hi ,

I have hosted service in iis. How can i verify my service (transport mode)is using windows authentication for client.

when i use basichttpbinding and set clientCredentialType to windows, but iis with anonymous. When i browse svc, as expected i get error that secrurity setting of servcie needs windows but iis is configured as anonymous. Similar i see expected bheavior when service is configred for anonymous, but iis is configured for windows.

But when i use nettcpbiding, irrespective of what my iis setting is (windows/anonymous), if i configure service for windows and i browse svc file. I am always able to do to without any error. when service is configured for windows and iis for anonymous; shouldn't i get an error (as seen in case of basichttpbinding)

Regards


singhhome

IIS hosted nettcpbinding security issues

  

I have hosted my service in IIS with nettcpbinding and IIS set to Windows auth and Anonymous is disabled. when i browse svc file i get error "security setting of service required anonmous but is not enabled on iis application site".

when i use below config file, i get this error. But when i use second config setting, i don't get this error. I am not able to figure out the diffference in 2 config files.

1.  (this setting doesn't work)

<system.serviceModel>
<behaviors>
   <serviceBehaviors>
    <behavior >
     <serviceMetadata httpGetEnabled="false" />

IIS hosted nettcpbinding security issue

  

Hi,

I have hosted my service in IIS with nettcpbinding and IIS set to Windows auth and Anonymous is disabled. when i browse svc file i get error "security setting of service required anonmous but is not enabled on iis application site".

when i use below config file, i get this error. But when i use second config setting, i don't get this error. I am not able to figure out the diffference in 2 config files.

1.  (this setting doesn't work)

<system.serviceModel>
<behaviors>
   <serviceBehaviors>
    <behavior >
     <serviceMetadata httpGetEnabled="false" />
Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend