| View previous topic :: View next topic |
| Author |
Message |
Igor Jovanovski
Guest
|
 Posted: Thu Sep 23, 2004 8:23 am Post subject: WlxLoggedOnSAS called from Winlogon while WlxWkStaLockedSAS |
 |
|
We have a cascaded GINA for 2K and XP wich provides our proprietery
Smart Card authentication. While unlocking the workstation with a
Smart Card there is an amount of data (filestructure on smartcard
etc.) that need to be read of the card. because of that in the call to
WlxWkstaLockedSAS before reading the data I call
WlxDisplayStatusMessage saying something like "please wait ..
connecting to the SC" after the heavy smartcard part is done there is
a call to WlxRemoveStatusMessage to remove that message.
The interesting part is that if while the message is displayed the
user is quick enough and hits Ctrl+Alt+Del the workstation gets
unlocked!!
I traced and I can see that right after the finishing of the call to
WlxRemoveStatusMessage (so we are still in WlxWkstaLockedSAS)
WlxLoggedOnSAS gets called. There I see an abnormall situation
(WlxLoggedOnSAS should only be called while we are logged in and have
the session not while lockedworkstation) and return
WLX_SAS_ACTION_NONE what results in user getting the active user
session.
The method WlxLoggedOnSAS should not be called from Winlogon in this
state at all, or? This is a big security problem since the user can login
without providing credentials.
If the calls to WlxRemoveStatusMessage (or WlxDisplayStatusMessage
and WlxRemoveStatusMessage) is commented out the problem is not
reproducable.
I hope I have done something wrong but this code has worked perfect
for several years until one very quick user reported this. What can be
the reason for this call from Winlogon to WlxLoggedOnSAS at this stage
(WlxWkstaLockedSAS )? Any help will be appreciated.
Igi
|
|
| Back to top |
|
 |
Sharad Kala
Guest
|
| Posted: Thu Sep 23, 2004 8:27 am Post subject: Re: WlxLoggedOnSAS called from Winlogon while WlxWkStaLocked |
|
|
"Igor Jovanovski" <igorjovanovski (AT) yahoo (DOT) com> wrote in message
| Quote: | I hope I have done something wrong but this code has worked perfect
for several years until one very quick user reported this. What can be
the reason for this call from Winlogon to WlxLoggedOnSAS at this stage
(WlxWkstaLockedSAS )? Any help will be appreciated.
|
Sorry but your question is off-topic here. You should try asking on MS
newsgroups at msnews.microsoft.com.
|
|
| Back to top |
|
|
Richard Lewis Haggard
Guest
|
| Posted: Fri Nov 12, 2004 1:41 am Post subject: Re: WlxLoggedOnSAS called from Winlogon while WlxWkStaLocked |
|
|
What newsgroup are you referring to?
==
rlh
"Sharad Kala" <no__spam.sharadk_ind (AT) yahoo (DOT) com> wrote
| Quote: |
"Igor Jovanovski" <igorjovanovski (AT) yahoo (DOT) com> wrote in message
I hope I have done something wrong but this code has worked perfect
for several years until one very quick user reported this. What can be
the reason for this call from Winlogon to WlxLoggedOnSAS at this stage
(WlxWkstaLockedSAS )? Any help will be appreciated.
Sorry but your question is off-topic here. You should try asking on MS
newsgroups at msnews.microsoft.com.
|
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
