I am unable to use an unsecure channel once a secure channel has already been registered. The code below works only if on the client side, the unsecured channel is registered before.
Is it possible to mix secure and unsecure channels without any constraint on the registration order ?
using System;
using System.Collections;
using System.Runtime.Remoting;
using System.Runtime.Remoting.Channels;
using System.Runtime.Remoting.Channels.Tcp;
public class SampleObject : MarshalByRefObject
{
public DateTime GetTest() { return DateTime.Now; }
}
public class SampleObject2 : MarshalByRefObject
{
public DateTime GetTest2() { return DateTime.Now; }
}
static class ProgramClient
{
private static TcpClientChannel RegisterChannel(bool secure, string name, int priority)
{
IDictionary properties = new Hashtable();
properties.Add("secure", secure);
properties.Add("name", name);
properties.Add("priority", priority);
var clientChannel = new TcpClientChannel(properties, null);
ChannelServices.RegisterChannel(clientChannel, false);
return clientChannel;
}
private static void Secure()
{
RegisterChannel(true, "clientSecure", 2);
var testSecure = (SampleObject2)Activator.GetObject(typeof(SampleObject2), "tcp://127.0.0.1:8081/Secured.rem");
Console.WriteLine("secure: " + testSecure.GetTest2().ToLongTimeString());
}
private static void Unsecure()
{
RegisterChannel(false, "clientUnsecure", 1);
var test = (SampleObject)Activator.GetObject(typeof(SampleObject), "tcp://127.0.0.1:8080/Unsecured.rem");
Console.WriteLine("unsecure: " + test.GetTest().ToLongTimeString());
}
internal static void MainClient()
{
Console.Write("Press Enter to start.");
Console.ReadLine();
// Works only in this order
Unsecure();
Secure();
Console.WriteLine("Press ENTER to end");
Console.ReadLine();
}
}
static class ProgramServer
{
private static TcpServerChannel RegisterChannel(int port, bool secure, string name)
{
IDictionary properties = new Hashtable();
properties.Add("port", port);
properties.Add("secure", secure);
properties.Add("name", name);
//properties.Add("impersonate", false);
var serverChannel = new TcpServerChannel(properties, null);
ChannelServices.RegisterChannel(serverChannel, secure);
return serverChannel;
}
private static void StartUnsecure()
{
RegisterChannel(8080, false, "unsecure");
RemotingConfiguration.RegisterWellKnownServiceType(typeof(SampleObject), "Unsecured.rem", WellKnownObjectMode.Singleton);
}
private static void StartSecure()
{
RegisterChannel(8081, true, "secure");
RemotingConfiguration.RegisterWellKnownServiceType(typeof(SampleObject2), "Secured.rem", WellKnownObjectMode.Singleton);
}
internal static void MainServer()
{
StartUnsecure();
StartSecure();
Console.WriteLine("Unsecure: 8080\n Secure: 8081");
Console.WriteLine("Press the enter key to exit...");
Console.ReadLine();
}
}
class Program
{
static void Main(string[] args)
{
if (args.Length == 1 && args[0] == "server")
ProgramServer.MainServer();
else
ProgramClient.MainClient();
}
}
Edit: No change with .NET 4 and VS 2010.
This is called mixed content because both HTTP and HTTPS content are being loaded to display the same page, and the initial request was secure over HTTPS.
Mixed content occurs when a webpage containing a combination of both secure (HTTPS) and non-secure (HTTP) content is delivered over SSL to the browser. Non-secure. content can theoretically be read or modified by attackers, even though the parent page is served over HTTPs.
This is interesting vintage question, I have spent about a week trying to solve this problem, and had to implement a work-around. But here is what I have discovered: the answer is most likely: NO, YOU CANNOT.
Explanation: .NET remoting does not let you choose which client channel to use when creating an object. On the server side, it would use the channel listening to the port in question, obviously, but on the client side it would just use any available or even create a new one - though I always register my own.
So it seems (I could not find it anywhere in documentation) that if there is a secure client channel available, that one gets used. So in example in the question, the remote object is created against the secure channel, but it expects insecure one - thus it fails. In case of creating an insecure connection first - it works because at the time the remote object is created there is no secure client channel, so the insecure client channel is used.
WORKAROUND:
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With