I'm using a book for studying for .NET certification, and I'm stumped on the issue of publisher certificates.
Background:
Windows Vista Home Basic SP2
Visual Studio 2008
.NET 3.5 SP1
Goal:
Write a simple C# console application that has its permission to read from a specific text file determined by the application's certificate.
Symptoms:
I am able to read from the file despite assigning the Nothing permission set to the code group that is conditioned by the application's certificate.
Steps taken:
Wrote C# console application that uses StreamReader to read the file and output to the console. The application works as expected.
On the application's properties, I used the Signing tab, set ON the checkbox for "Sign the ClickOnce manifest", clicked the Create Test Certificate button, and entered passwords.
Next, I clicked the More Details button, navigated to the Details tab, selected the Public Key row, and clicked the Copy to File button.
In the Certificate Export Wizard, I chose not to export the private key, chose the DER encoded binary X.509 format, and provided the path of the .CER file.
Next I rebuilt the application.
I opened the .NET Framework 2.0 Configuration tool.
I navigated to My Computer > Runtime Security > Machine > Code Groups > All_Code
Right clicked All_Code, and selected New to begin the Create Code Group wizard.
Gave the new code group a name, then selected the Publisher condition type.
Clicked the Import from Certificate File button, then selected the newly created .CER file.
Next I selected the Nothing permission set.
When running the application, which should now be a member of the new code group, it still works the same. I would expect that if it's a member of the Nothing permission set that it couldn't read the file.
Thanks for any insight you can provide. I'm probably missing one little detail. I wonder if this has anything to do with using Vista Home Basic.
Can your application read the file in question w/o any certificate?
Adding Nothing to a set of existing permissions won't change much.
Related
I have a C# WindowsForms application that uses Properties.Settings.Default to store application and user settings. Reading and writing custom user values works correct.
Application is set to automatically run on system startup or user sign on. Here's the problem: when the app starts on system startup it cant load any user-specific settings. They're all set to their default values. When i close the app and restart it - all user settings are back.
After debugging and logging i narrowed down the issue: on normal start application's working directory is set to the directory it was installed into. On system start (or user sign in) working directory is set to C:\system32 (or similar). That's when user settings are not loaded.
Is this a proper behavior ? If so, how would i correctly load (or reload) user settings?
NOTE: My application is deployed with ClickOnce so i can't really control where the settings file is stored. Also, i don't have any issues persisting the settings between the version upgrades.
Found a solution, although i'm not sure how "correct" it is.
In my application when user clicks on "Start on boot" checkbox option, i was writing the following into the registry:
string keyname = "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run";
RegistryKey key = Registry.CurrentUser.OpenSubKey(keyname, true);
key.SetValue("MyApp", Application.ExecutablePath.ToString());
The issue was resolved when i changed the app path to:
var startPath = Environment.GetFolderPath(Environment.SpecialFolder.Programs)
+ #"\Published\App.appref-ms";
key.SetValue("MyApp", startPath);
I think it has something to do with how ClickOnce apps are typically launched. I start the app using the desktop shortcut, not directly running exe file.
I'm trying to log in to a server through remote desktop using c#. I'm able to initiate the connection using the AxMSTSCLib and the code below. However, I'm stuck on our domain's security notice.
When logging in manually it requires you to click ok on the notice before the log in completes. I have been unable to find anyway to interact with this OK button through my application. I've tried variations of SendKeys, sending key events using interop services, finding the cursor position and sending a mouse click event...
I'm running out of ideas here.
rdp.Server = server;
rdp.Domain = domain;
rdp.UserName = userName;
IMsTscNonScriptable secured = (IMsTscNonScriptable)rdp.GetOcx();
secured.ClearTextPassword = password;
rdp.StartConnected = 1;
rdp.Connect();
Thanks
Well, there is a way to do what you ask.
You will need to download a copy of Windows 7 Embedded Standard (WES7 wSP1).
WES7 contains something that other editions of Windows 7 do not - a Dialog Filter.
It runs as a service, and allows you to specify certain window events to be performed automatically, without user interaction.
The Dialog Filter Editor is installed with the Windows Embedded Standard 7 tools in the EmbeddedSDK\bin folder.
All you have to do is:
Add the service to your Windows, by copying the necessary Dialog Filter files to C:\Windows\System32. There are x86 and x64 versions, so choose the correct architecture.
Register the files, and enable the service to run automatically.
Add the ConfigurationList.xml file created with the editor to C:\ProgramData\Microsoft\DialogFilter.
This location is hidden by defeault, so make sure to show hidden files and unhide protected system files in Windows Explorer.
I've actually created the ConfigurationList.xml file already, so you can simply copy the following code and save it as "ConfigurationList.xml":
<?xml version="1.0" encoding="utf-8"?>
<CL:dialogs xmlns:CL="urn:Dialogs">
<dialog>
<ProcessImageName>rundll32.exe</ProcessImageName>
<Title>Remote Desktop Connection</Title>
<Class>#32770</Class>
<Buttons>
<Button>OK</Button>
<Button>Cancel</Button>
<Button>Close</Button>
</Buttons>
<Actions>
<Action>OK</Action>
</Actions>
</dialog>
</CL:dialogs>
As you can see, the action is set to press the OK button automatically in the RDP dialog that pops up when making an RDP connection.
More info regarding the Dialog Filter directly from MS:
https://msdn.microsoft.com/en-US/library/ff794135(v=winembedded.60).aspx
Just found a much easier way to do this:
There's a free small app called ClickOff, which works in a very similar manner to Windows Embedded Standard 7 DialogFilter.
You can download ClickOff v1.90 here.
After you install ClickOff, you can define which window to capture, and which button inside it to click. Only thing is that you must add it to your startup apps.
I have already created a clickoff.lst file which clicks OK on the 30-sec RDP timeout popup window. The file should be placed in C:\Users\USERNAME\AppData\Roaming\ClickOff. Here's the contents of the file:
1.900
WINDOWTITLE="Remote Desktop Connection" BUTTONTEXT="OK" MSGTEXT="CompName\\UserName wants to connect to this machine.\r\n\r\nClick OK to disconnect your session immediately or click cancel to stay connected.\r\n\r\nOtherwise, you will be disconnected in 30 seconds." BUTTONID="1" MSGID="65535" DLGID="0" CLKEVENT="17" CLKMETHOD="3" TIMESCLICKED="0" WAIT="0" BPOSX="0" BPOSY="0" ;
Cheers.
I'm trying to bypass the 'open, save, save-as' dialog in ie9 for word perfect documents. Ideally my client wants wordperfect to pop up when a user clicks a link to a wpd doc without prompting the user. Is this possible to do this by defining a mime type?
http://msdn.microsoft.com/en-us/library/ms775148(v=vs.85).aspx
the above page mentions something about these registry entries but it's not clear to me weather this would solve my issue.
HKEY_LOCAL_MACHINE
Software
Microsoft
Windows
CurrentVersion
InternetSettings
Secure Mime Handlers
HKEY_CURRENT_USER
Software
Microsoft
Windows
CurrentVersion
InternetSettings
Secure Mime Handlers
Thanks
Are you sending the file using a HTTP Content-Type header of application/wordperfect? This is the first thing IE would look for to determine how to open the file.
The link you mentioned says
In Windows XP SP2 and later, after downloading a file, Internet Explorer consults the registry to find out which ProgID and CLSID is associated with the MIME type of the file. The browser then finds the ProgID and CLSID associated with the file name extension. If these ProgIDs do not match, and the CLSIDs do not match, Internet Explorer prompts the user before executing the file, as a safety precaution.
That is if you use Content-Type application-wordperfect and your file ends with .wpd then this would suffice to open the file automatically given WordPerfect registered itself with appropriate ProgIDs and CLSID upon installation.
You may check in your client's registry whether appropriate entries exist, the Registry Locations in that link show where you would have to look for them.
I am using WatiN (2.0.10.928) with C# and Visual Studio 2008 to test a SSL secured website that requires a certificate. When you navigate to the homepage a "Choose a digital certificate" dialog is displayed and requires that you select a valid certificate and click the 'OK' button.
I'm looking for a way to automate the certificate selection so that every time a new test or fixture is executed (and my browser restarts) I don't have to manually interfere with the automated test and select the certificate. I've tried using various WatiN Dialog Handler classes and even looked into using the Win32 API to automate this but haven't had much luck.
I finally found a solution but its adds another dependency to the solution (a third party library called AutoIT). Since this solution isn't ideal but does work and is the best I could find, I will post the solution and mark it as the answer but I am still looking for an 'out of the box' WatiN solution that is more consistent with the rest of my code and test fixtures.
Thanks for your responses!
In my situation I have exactly one certificate attached, so I have to pick up the one and only existing on the list, so I have really simple DialogHandler for this - it only clicks on the button if it cans handle the dialog:
public class CertificateChoosingHandler : BaseDialogHandler
{
public override bool HandleDialog(Window window)
{
new WinButton(1, window.Hwnd).Click();
return true;
}
public override bool CanHandleDialog(Window window)
{
return window.StyleInHex == "94C808CC";
}
}
AFAIR this solution won't work in Windows 7.
EDIT: I forgot about something useful. When I found that this solution is not working in Windows 7, I discovered very interesting option in IE Internet Options somewhere in "Custom Level": Don’t prompt for client certificate selection when no certificates or only one certificate exists. So I have added my site to trusted sites and edited settings, and there is no need now for me to use this DialogHandler, but it still can be used even if no dialog appears. If it is not clear, what I wrote, here is how to Enable Prompt for Certificate in Internet Explorer to show certificate dialog.
The best solution I could find so far was posted here:
http://andrey-zhukov.blogspot.com/2009/10/recently-i-wanted-to-choose-digital.html
As stated in the post, it requires a reference to the AutoIT library: http://www.autoitscript.com/autoit3/index.shtml
I've taken #prostynick's hint and automated it. Basically, if you ENABLE the setting "Don’t prompt for client certificate selection when no certificates or only one certificate exists" in the IE security settings, then the whole dialog doesn't appear (if you only have one or no certificate, that is).
So, we just have to make sure that the user has that setting enabled before we initialize your WebBrowser object. And since these settings are conveniently stored in the registry, we can do it ourselves, without bothering the user. Here's some code that does just that:
// What this does is changes this setting in Internet Explorer:
// Tools -> Internet Options -> Security -> Custom Level ->
// Don't prompt for client certificate selection when no certificates
// or only one certificate exists -> ENABLE
//
// If you're not convinced that we need this, please reset all the security
// levels in IE to the default settings, comment out this code, and try to fetch
// <your url>.
//
// If it finishes, great! Then leave it commented out. Otherwise, curse and accept
// that we need this ugly hack OR that we need to instruct people to find & change
// some unholy IE setting...
RegistryKey stupidBrokenDefaultSetting = Registry.CurrentUser.OpenSubKey("Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3", true);
stupidBrokenDefaultSetting.SetValue("1A04", "0", RegistryValueKind.DWord);
I'm not sure if this works for everyone, or that you need Administrator rights or something, but it works for me.
I am trying to make an Outlook 2003 add-in using Visual Studio 2008 on Windows XP SP3 and Internet Explorer 7.
My add-in is using custom Folder Home Page which displays my custom form, which wraps Outlook View Control.
I get COM Exception with 'Exception from HRESULT: 0xXXXXXXXX' description every time when I try to set Folder property of the OVC. Error code is a random number, every time is different. It is not the first access to control's properties, before that, View and ViewXML properties are set already. Control is marked as Safe for Scripting.
I am using value of the CurrentFolder.FolderPath property of the active explorer, which seems to be a right one:
Outlook.Explorer currentExplorer = app.ActiveExplorer();
if (currentExplorer != null)
{
ovcWrapper.Folder = currentExplorer.CurrentFolder.FolderPath;
}
This is top of the stack trace:
System.Runtime.InteropServices.COMException (0xXXXXXXXX): Exception from HRESULT: 0xXXXXXXXX
at Microsoft.Office.Interop.OutlookViewCtl.ViewCtlClass.set_Folder(String pVal)
at AxMicrosoft.Office.Interop.OutlookViewCtl.AxViewCtl.set_Folder(String value)..
This is happening only if the folder is located in non-default PST file. Changing to folder inside default PST file will produce no exception.
I must underline that everything worked just fine before I went to holiday :). It seems that Windows XP installed some updates which changed default security of Internet Explorer or Outlook 2003 while I was absent.
On the other (virtual machine) with Office 2007 and Internet Explorer 6, without any updates, everything is working just fine.
After a while, I finally find out what is the solution: change a name of the external storage to something new.
During startup of the addin, it loads the non-default PST file, and changes its name (not the name of the pst file, but the name of the root folder) to "Documents".
This is code:
session.AddStore("C:\\test.pst"); // loads existing or creates a new one, if there is none.
storage = session.Folders.GetLast(); // grabs root folder of the new fileStorage.
if (storage.Name != storageName) // if fileStorage is brand new, it has default name.
{
storage.Name = "Documents";
session.RemoveStore(storage); // to apply new fileStorage name, it have to be removed and added again.
session.AddStore(storagePath);
}
Solution is not to use 'Documents' as a name any more, but something new. Problem is not related to specific name.
Dobri Dan, nency :)I don't know if I can really offer a "silver bullet" solution given the information here...but here are a few ideas/notes to try out:Having worked with Outlook on a few projects in the past, I can tell you that it is a funny bird sometimes when it comes to giving/granting access to outside users/processes. It sometimes requires the user to manually confirm access or log in...so make certain that you have
app.Session.Logon()
taken care of somewhere.The other thing I notice is the use of app.ActiveExplorer() Make certain that this function is returning exactly what you think it is; It takes the topmost window on the user's desktop...which is usualyy but not always the window you are trying to work with, so just doublecheck.