.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Possible security issue with .NET framework and web services

Posted By:      Posted Date: September 30, 2010    Points: 0   Category :.NET Framework

We have a web service that runs fine on our Windows Server 2008 R2 test system.

However, it does not work on a production machine at a customer site.

It is installed using:

  • WISE installer 32 bit
  • .NET 2.0 Framework
  • Machine has UAC disabled

Some observations:

  • Communication between client and server seems to work fine
  • Can't write to c:\ProgramData
  • Can't connect to database using ODBC connector.
  • Can't log messages to the Windows Event Log (we get an exception that we don't have privileges)

This makes us suspect security settings on the machine. Enabling trace logs on the ODBC Manager shows no errors. The Windows Event Viewer doesn't indicate any problems.

Can anyone suggest what is wrong? Is there a tool we can use to discover the source of the problems.

View Complete Post

More Related Resource Links

WSE Security: Protect Your Web Services Through The Extensible Policy Framework In WSE 3.0


This article describes the WSE policy framework, which allows you to describe constraints and requirements a Web service must enforce. Discussions include security scenarios in WSE 3.0 and extending the framework with custom constraints and requirements.

Tomasz Janczuk

MSDN Magazine February 2006

VS 2010: Entity Framework 4.0 and WCF Data Services 4.0 in Visual Studio 2010


Elisa Flasko takes you through a sample weblog application to demonstrate how new improvements in Entity Framework and WCF Data Services work together to simplify the way data is modeled, consumed and produced in Visual Studio 2010.

Elisa Flasko

MSDN Magazine April 2010

Cloud Security: Crypto Services and Data Security in Windows Azure


Many early adopters cloud platforms have questions about security. We review some of the cryptography services and providers in Windows Azure along with some security implications for applications in the cloud.

Jonathan Wiggs

MSDN Magazine January 2010

CLR Inside Out: Exploring the .NET Framework 4 Security Model


The .NET Framework 4 introduces many updates to the .NET security model that make it much easier to host, secure and provide services to partially trusted code. This article dives into the many features and benefits of the .NET security model.

Andrew Dai

MSDN Magazine November 2009

First Look: WCF And WF Services In The .NET Framework 4.0 And "Dublin"


We explore some of the key new WCF and WF features in .NET Framework 4.0 as well as the new application server capabilities provided by the "Dublin" extensions.

Aaron Skonnard

MSDN Magazine January 2009

Geneva Framework: Building A Custom Security Token Service


A Security Token Service, or STS, acts as a security gateway to authenticate callers and issue security tokens carrying claims that describe the caller. See how you can build a custom STS with the "Geneva" Framework.

Michele Leroux Bustamante

MSDN Magazine January 2009

Geneva Framework: A Better Approach For Building Claims-Based WCF Services


Here we introduce Microsoft Code Name "Geneva," the new framework for building claims-based applications and services, and federated security scenarios.

Michele Leroux Bustamante

MSDN Magazine December 2008

Look it Up: Managing Directory Security Principals in the .NET Framework 3.5


Here's an overview of the new System.DirectoryServices.AccountManagement class in the .NET Framework 3.5 and how it simplifies working with directory services.

Joe Kaplan and Ethan Wilansky

MSDN Magazine January 2008

Speak Up: Support Dictation With Text Services Framework


Learn how to make your apps speech-aware by supporting Windows Speech Recognition and the Text Services Framework.

Eric Brown

MSDN Magazine July 2007

Security Briefs: Security Enhancements in the .NET Framework 2.0


The.NET Framework 2.0 got quite a few security enhancements. This month Keith takes you on a whirlwind tour of the goodies you'll find there.

Keith Brown

MSDN Magazine Visual Studio 2005 Guided Tour 2006

Got Directory Services?: New Ways to Manage Active Directory using the .NET Framework 2.0


System.DirectoryServices is a managed code layer on top of Active Directory Service Interfaces, and you can employ it to better manage Active Directory from your code. Here Ethan Wilansky helps you get started.

Ethan Wilansky

MSDN Magazine December 2005

Are You in the Know?: Find Out What's New with Code Access Security in the .NET Framework 2.0


Unlike role-based security measures, code access security is not based on user identity. Instead, it is based on the identity of the code that is running, including information such as where the code came from. Here Mike Downen discusses the role of code access security (CAS) in .NET and outlines some key new features and changes in CAS for the .NET Framework 2.0.

Mike Downen

MSDN Magazine November 2005

Security Briefs: Security Enhancements in the .NET Framework 2.0


As I write this column, version 2. 0 of the Microsoft® . NET Framework is at Beta 1. When I got my bits, I hacked together a little program to dump all of the public members of all public types in the entire Framework and ran it on version 1.

Keith Brown

MSDN Magazine January 2005

Intrusion Prevention: Build Security Into Your Web Services with WSE 2.0 and ISA Server 2004


Once you've addressed security in your code, it's time to look at the environment it runs in. Firewalls stop unauthorized traffic from getting into your network, and smart Web service-specific firewalls, like the one that comes with Internet Security and Acceleration (ISA) Server 2004, bring XML intrusion prevention to your system for that added layer of safety.

Dino Esposito

MSDN Magazine November 2004

Web Services: Extend the ASP.NET WebMethod Framework with Business Rules Validation


In an earlier article the authors showed how to build a custom WebMethods extension that provides XML Schema validation, a function that is lacking in ASP.NET. In the process they established a foundation for enforcing business rules during the deserialization of XML data. The technique, which is described in this article, uses declarative XPath assertions to test business rule compliance.In building this business rules validation engine, the authors integrate the validation descriptions into the WSDL file that is automatically generated by the WebMethod infrastructure. Finally, they demonstrate how to extend wsdl.exe, the tool that generates WebMethod proxy/server code from WSDL files, to make use of their extensions.

Aaron Skonnard and Dan Sullivan

MSDN Magazine August 2003

Web Services: Extend the ASP.NET WebMethod Framework by Adding XML Schema Validation


WebMethods make the development of XML Web Services easier by encapsulating a good deal of functionality, but there is still a lot of underlying XML processing that you have to be responsible for. For example, WebMethods do not validate messages against the implied schema. Because they are not validated, the response that's returned can result in unintended consequences. To address this, the authors extend the WebMethod framework by adding XML Schema validation through a custom SoapExtension class.

Aaron Skonnard and Dan Sullivan

MSDN Magazine July 2003

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend