|
There doesn't seem to be any way to override it without implementing your own SSL handshaking. The fact that IE (or any web browser for that matter) allows you to do that isn't actually an accepted process since it means the certificate is not verifiable and be using an ADK to encrypt for a different server.
Now, I'm not sure about your network topology, but in our setup, the web servers sit on a DMZ and have different names internally and externally. SSL could be forced on the site for external use but not for internal use (controlled by the firewall). Since this app is internal, why not just let it talk to the servers insecurely? Heck, you don't even need a DMZ to accomplish this, it's just easier to tell IIS how to differentiate traffic in case you've set IIS up to force SSL for connections. If you haven't done this for the whole site, you don't need to do anything really. Just segment the services so that the ones your clients use are forced to SSL and the ones you use aren't. If this is an externally deployed web site, you could do the same thing but you should take a look at WS-Security to secure your services. This could even be used for client access, but puts more burden on the developers as opposed to IIS, so it isn't always desired.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.21
GCS/G/MU d- s: a- C++++ UL@ P++(+++) L+(--) E--- W+++ N++ o+ K? w++++ O- M(+) V? PS-- PE Y++ PGP++ t++@ 5 X+++ R+@ tv+ b(-)>b++ DI++++ D+ G e++>+++ h---* r+++ y+++
-----END GEEK CODE BLOCK-----
|
|
|
|
|
We have a similar topology with a DMZ but unfortunately require ALL traffic to be secured with SSL (or other encryption) because of the sensitive data.
How do we 'tell IIS to differentiate traffic'? Do you mean set different SSL requirements on different virtual directories? What if our internal & external clients are using the same pages?
I'll have a read through WS-Security but I was hoping that IIS and ASP.NET could already handle this.
|
|
|
|
|
There are several ways you can do this. Our DMZ, for example, is on the reserved subnet 172.16. We have two IP addresses bound to it for different apps. You could, instead, bind two different IPs to each machine and have the firewall redirect to the appropriate IP based on whether or not the traffic is internal or external. Then in IIS, make two different Web apps pointing to the same directory. For the external web app, require SSL. For the internal web app, leave it as optional.
If you did use WS-Security, you could get around this by checking the remote machine's IP and skip encryption and verification for that traffic. Again, though, this will leave you with some of the work, although WS-Security does make it easier than just using the crypto classes directly.
You may find, too, that WS-Security gives you some additional features that would be nice in your app, such as policies for requiring certain things. It will require some changes in both the client and server, but depending on your business model it may be better in the end.
The big problem is that the .NET BCL doesn't really have a way for overriding the SSL handshaking that I've ever seen. If the SSL cert doesn't verify, an exception is thrown. There doesn't seem to be a way to change that. Technically speaking, that's the way it should be (you wouldn't want to trust a certificate from the server with an ADK since that opens you up for a man-in-the-middle attack), but I can understand that it isn't always desired. Perhaps you can make a comment to the .NET team for future enhancements on the .NET section of MSDN.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.21
GCS/G/MU d- s: a- C++++ UL@ P++(+++) L+(--) E--- W+++ N++ o+ K? w++++ O- M(+) V? PS-- PE Y++ PGP++ t++@ 5 X+++ R+@ tv+ b(-)>b++ DI++++ D+ G e++>+++ h---* r+++ y+++
-----END GEEK CODE BLOCK-----
|
|
|
|
|
Oh, one more thing. VeriSign does offer domain certificates. I don't know exactly how they work since it's been a long time since I've looked into what they offer, but it might be worth checking out. I don't know if the certificate contains special OIDs or something, or if you can just buy bulk certificates, but each server could, potentially, be able to use different keys based on the requested Host header.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.21
GCS/G/MU d- s: a- C++++ UL@ P++(+++) L+(--) E--- W+++ N++ o+ K? w++++ O- M(+) V? PS-- PE Y++ PGP++ t++@ 5 X+++ R+@ tv+ b(-)>b++ DI++++ D+ G e++>+++ h---* r+++ y+++
-----END GEEK CODE BLOCK-----
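An added example, not part of the original posts: on .NET Framework 2.0 and later, which postdate this thread, `ServicePointManager.ServerCertificateValidationCallback` lets a client decide what to do when verification fails. The sketch below tolerates only the internal/external name mismatch discussed above, and only for one pinned certificate; the host name and thumbprint are hypothetical placeholders.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

static class InternalCertPolicy
{
    // Assumptions (hypothetical values): the internal name used to reach the
    // DMZ server and the thumbprint of the certificate it is known to present.
    const string InternalHost = "web01.corp.example";
    const string PinnedThumbprint = "<THUMBPRINT-PLACEHOLDER>";

    public static bool Validate(object sender, X509Certificate cert,
                                X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None)
            return true;                        // certificate verified normally

        // Tolerate a name mismatch only; chain errors and a missing
        // certificate are always rejected.
        if (errors != SslPolicyErrors.RemoteCertificateNameMismatch || cert == null)
            return false;

        // For HttpWebRequest traffic the sender is the request itself.
        WebRequest request = sender as WebRequest;
        string host = request != null ? request.RequestUri.Host : sender as string;
        if (!string.Equals(host, InternalHost, StringComparison.OrdinalIgnoreCase))
            return false;

        // Accept the mismatch only for the one certificate we expect.
        string thumbprint = new X509Certificate2(cert).Thumbprint;
        return string.Equals(thumbprint, PinnedThumbprint,
                             StringComparison.OrdinalIgnoreCase);
    }

    // Call once at start-up, before the first HTTPS request.
    public static void Install()
    {
        ServicePointManager.ServerCertificateValidationCallback = Validate;
    }
}
```

A callback that simply returns `true` would remove the man-in-the-middle protection the reply above describes; pinning keeps the exception limited to one host and one certificate.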
|
|
|
|
|
Hi,
If I want to serialize access to different resources, can I use a Named Mutex?
eg: I want to serialize access to a folder from different threads, can I do the following
Mutex oMutex = new Mutex(false, sFolderSpec);
oMutex.WaitOne();
oMutex.ReleaseMutex();
then in a different thread, have a different instance of the mutex, but with the same name
Mutex oMutex = new Mutex(false, sFolderSpec);
oMutex.WaitOne();
oMutex.ReleaseMutex();
I guess what I am asking is, can I create the mutex in the function where I want the lock and dispose of it afterwards, and any other calls to the same function by a different thread will lock until it's released - or do I need an instance already created and accessible to each thread?
Thanks, James
James Simpson
Web Developer
imebgo@hotmail.com
|
|
|
|
|
No, you merely need to use a named mutex in a different instance per thread, although sharing that object would work, too. The Mutex class is just a wrapper for a system object. A named mutex can even be used to synchronize different processes.
Also, you don't necessarily have to worry about disposing of it in any thread. The CLR will take care of cleaning up the memory - that's the whole point of managed code! This should alleviate some of the burden you may think you have of trying to wait until the last thread has released the mutex before destroying it - you won't have to.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.21
GCS/G/MU d- s: a- C++++ UL@ P++(+++) L+(--) E--- W+++ N++ o+ K? w++++ O- M(+) V? PS-- PE Y++ PGP++ t++@ 5 X+++ R+@ tv+ b(-)>b++ DI++++ D+ G e++>+++ h---* r+++ y+++
-----END GEEK CODE BLOCK-----
|
|
|
|
|
Actually, Mutex and friends all implement IDisposable - you _should_ worry about disposing them correctly. Sure the CLR will eventually finalize them for you and release the underlying unmanaged resource, but at some arbitrary time in the future, not when the last reference is released.
Unless your design calls for holding the object till process termination anyway, you should Dispose your IDisposables.
--
-Blake (com/bcdev/blake)
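An added example, not code from any poster in this thread: a per-folder named mutex that is created inside the locking function and disposed deterministically, as the last reply recommends. `FolderLock`, `MutexNameFor`, `WithLock` and the sample path are hypothetical names; it assumes .NET Framework 3.5 or later on Windows.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Threading;

static class FolderLock
{
    // A mutex name may not contain '\' except in a "Global\" or "Local\" prefix,
    // so hash the normalized path into a fixed-length, backslash-free name.
    public static string MutexNameFor(string folder)
    {
        string full = Path.GetFullPath(folder).TrimEnd('\\', '/').ToUpperInvariant();
        using (SHA256 sha = SHA256.Create())
        {
            byte[] digest = sha.ComputeHash(Encoding.UTF8.GetBytes(full));
            return "FolderLock_" + BitConverter.ToString(digest).Replace("-", "");
        }
    }

    public static void WithLock(string folder, Action work)
    {
        // Each caller creates its own Mutex object; the shared name makes
        // them all refer to the same system mutex.
        using (Mutex mutex = new Mutex(false, MutexNameFor(folder)))
        {
            bool owned = false;
            try
            {
                try { owned = mutex.WaitOne(); }
                // The previous owner exited without releasing; we now own it.
                catch (AbandonedMutexException) { owned = true; }
                work();
            }
            finally { if (owned) mutex.ReleaseMutex(); }
        }   // Dispose closes the handle here instead of at finalization
    }

    static void Main()
    {
        // Constructed demo: two threads contend for the same folder.
        ThreadStart job = delegate {
            WithLock(@"C:\Temp\Shared", delegate {
                Console.WriteLine("thread {0} holds the lock",
                                  Thread.CurrentThread.ManagedThreadId);
                Thread.Sleep(200);
            });
        };
        Thread a = new Thread(job), b = new Thread(job);
        a.Start(); b.Start(); a.Join(); b.Join();
    }
}
```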
|
|
|
|
|
Our web service occasionally becomes unavailable to clients because the aspnet_wp.exe process is being restarted. We have some very strange event messages in the Application logs when this happens. Can anyone shed any light on these messages and what could be wrong?
Event Type: Error
Event Source: ASP.NET 1.1.4322.0
Event Category: None
Event ID: 1000
Date: 05/09/2003
Time: 10:40:48
User: N/A
Computer: SUENG01
Description:
aspnet_wp.exe (PID: 1632) stopped unexpectedly.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: .NET Runtime
Event Category: None
Event ID: 0
Date: 05/09/2003
Time: 10:40:48
User: N/A
Computer: SUENG01
Description:
The description for Event ID ( 0 ) in Source ( .NET Runtime ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: .NET Runtime version 1.1.4322.573- Setup Error: Failed to load resources from resource file
Please check your Setup.
Event Type: Error
Event Source: ASP.NET 1.1.4322.0
Event Category: None
Event ID: 1090
Date: 09/09/2003
Time: 00:34:23
User: N/A
Computer: SUENG03
Description:
Failed to execute request because QueryInterface for ASP.NET runtime failed. Error: 0x80004005 Unspecified error
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
|
|
|
|
|
Hi,
I need to add to my application to send "bulk EMail", just notify 200 clients about an event or... ( no spamming , just real clients).
I know how to send an e-mail using Outlook, but I'm not sure how to do it for groups of people, and via automation.
Thanks in advance, Greetings
Braulio
|
|
|
|
|
I've got a question on the finer aspects of object creation. The books I've consulted are somewhat vague on this point.
When I write the following:
Form myForm;
I create a Form variable on the stack which can point to an object on the heap. No object is created. What I'm not sure about is if this also reserves the space needed on the heap for later object creation or if that space on the heap doesn't get reserved until I actually create the object with new?
Ergo, when does the CLR actually reserve some space on the heap for an object? Does this happen when I declare my reference, or won't it happen until I use the new operator?
|
|
|
|
|
I don't know for certain but I would expect that the space is only allocated on the heap when the new operator is used...
...fascinating question... I just might look into it!!...
-----------------------------------------------------------------------
Shaun Austin: .NET Specialist. Spreading the word of .NET to the world... well the UK... well my tiny corner of it!!
|
|
|
|
|
Yeah, so would I. But the MCAD study guide from MS which I'm reading at the moment is extremely vague about this and uses the terms object and variable interchangeably, which leads to confusion. According to that book it seems space gets reserved when I declare the reference and that just seems odd to me....
|
|
|
|
|
If it suggests such a thing ignore it, it is lying.
-Blake (shaking his head)
|
|
|
|
|
Heap memory is allocated when the 'newobj' or 'newarr' IL instructions are executed. In C# this means in two places:
MyType foo; // no heap allocation
foo = new MyType(); // heap allocation here
int[] bar = {1,2,3}; // heap allocation here, even without a 'new'
--
-Blake (com/bcdev/blake)
|
|
|
|
|
How do I convert an image to a cursor in C# (runtime)? Any hints?
/gywox
|
|
|
|
|
Hi !!
I've got a problem with a Windows application in C#.
My connections are made with the Windows Users parameters. And they give a number of rights over my I/O System.
But for a specific function, I need to change this user to have rights on another directory.
I know that there is a class Impersonation but it seems to work only on XP. And I need to do that on a Win 2000 station.
Does anybody know how to do that ???
Thanks.
|
|
|
|
|
I can point you in the right direction as I have had to do something similar recently.
To impersonate you need to call LogonUser using PInvoke to get a user token, this call requires that the current user has the SE_TCB_NAME privilege (also called "Act as Part of Operating System") but you shouldn't just grant this to any account because it opens security holes. The way around it is to create a windows service to make the call. A windows service works because the LocalSystem and LocalService users automatically have SE_TCB_NAME. The reason it works on XP is that the requirement is no longer there....
Try looking up LogonUser in the platform SDK docs on MSDN...
HTH
-----------------------------------------------------------------------
Shaun Austin: .NET Specialist. Spreading the word of .NET to the world... well the UK... well my tiny corner of it!!
|
|
|
|
|
Is it possible to show columns from two separate dataTables in the same datagrid simultaneously?
Maybe using dataView or something else?
(in windows forms)
Yes or no?
true or false?
|
|
|
|
|
How can I convert the path (C:\..) to binary and store it in the database?
btw i am using ms sql database
thx!!
|
|
|
|
|
Hiya...
Firstly, do you definitely need to save it to the DB as binary as presumably when you read it out you will want to convert it back to a string anyway..??
Secondly, assuming you still do then I tend to have an SqlHelper class with useful methods for dealing with data layer stuff... one of them is...
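using System;
using System.IO;
using System.Runtime.Serialization.Formatters.Binary;

// Serializes any [Serializable] object graph to a byte array.
public static byte[] ObjectToByteArray(Object obj)
{
    if (obj == null)
        return null;
    BinaryFormatter bf = new BinaryFormatter();
    using (MemoryStream ms = new MemoryStream())
    {
        bf.Serialize(ms, obj);
        return ms.ToArray();
    }
}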
Which will allow you to convert any object to a byte array....
HTH...
-----------------------------------------------------------------------
Shaun Austin: .NET Specialist. Spreading the word of .NET to the world... well the UK... well my tiny corner of it!!
|
|
|
|
|
Hi guys. I am using the tlbimp.exe tool to convert my DLL, which I developed in VB6.0, to a .NET component. That DLL shows the Print preview of a Report.
But when I call the method of that DLL I am getting the exception
"An unhandled exception of type 'System.Runtime.InteropServices.COMException' occurred in Reports.exe
Additional information: Exception from HRESULT: 0x800A0196";
Does anyone have any idea about it?
|
|
|
|
|
I have a SMS modem, and how can I use it to send a message to a mobile phone? could somebody show me a demo?
|
|
|
|
|
Hello,
How can one set up a RichTextBox so that the box shows an integral number of text lines, say 17, when the text box is scrolled all the way down? Possibly this would involve making the RichTextBox have a particular size.
The example below shows what I tried: set ClientSize.Height to be a multiple of Font.Height. It didn't work. When the text box is scrolled all the way down, a piece of a line shows at the top, which looks bad. I don't know how to calculate the amount by which the sizing is off.
(This rich text box will always be scrolled all the way down. Thanks to posters who responded to "help me, how to autoscroll in richtextbox" by KETUINHA for showing me how to do this.)
By the way, how can one post code in these forums and have the code's indentation be preserved? Using 'code' tags ended up with no indentation, at least according to the preview.
using System;
using System.Drawing;
using System.Text;
using System.Windows.Forms;

class TextBoxTesterForm : Form
{
    public TextBoxTesterForm()
    {
        int lines = 5;
        d_rtb = new RichTextBox();
        d_rtb.SuspendLayout();
        d_rtb.Parent = this;
        d_rtb.Location = new Point(10,10);
        int desiredTextHeight = lines * d_rtb.Font.Height;
        d_rtb.ClientSize = new Size(200, desiredTextHeight);
        d_rtb.ResumeLayout();
        Console.WriteLine("lines={0}", lines);
        Console.WriteLine("rtb Font.Height = {0}",
            d_rtb.Font.Height);
        Console.WriteLine("rtb Font.GetHeight() = {0}",
            d_rtb.Font.GetHeight());
        Console.WriteLine("desiredTextHeight = {0}",
            desiredTextHeight);
        Console.WriteLine("rtb ClientSize = {0}",
            d_rtb.ClientSize);
        Console.WriteLine("rtb DisplayRectangle = {0}",
            d_rtb.DisplayRectangle);
        Console.WriteLine("rtb Size = {0}", d_rtb.Size);
        Console.WriteLine("rtb Multiline = {0}", d_rtb.Multiline);
    }

    RichTextBox d_rtb;
}

class TextBoxTestMain {
    static void Main()
    { Application.Run(new TextBoxTesterForm()); }
}
|
|
|
|
|
Use the <pre> tag for posting code with indentations, and go read Raymond's blog for _everything_ you ever wanted to know about scrolling and were afraid to ask. An eleven part series on all the intricacies.
--
-Blake (com/bcdev/blake)
|
|
|
|
|
Thanks.
I glanced at Raymond's blog. Before I search through it in detail for the iota I'm looking for, can you tell me why you think this has something to do with scroll bars?
|
|
|
|