VB6 application : After windows security patches application is not able to login

Posted by Naga116 under VB.NET on 10/7/2014 | Points: 10 | Views : 2506 | Status : [Member] | Replies : 0
Hi All

We have an VB6 application (windows) which running since 8 years.. there were some security patches updates at client end.

Application is able to launch but not able to login.

Client is expecting: Application should run including with security patches.

Please let us know if any changes from application or workaround is required from application point.

Login Procedure:

After click on the Login button...

1. Creates new TrustedCertificatePolicty
System.Net.ServicePointManager.CertificatePolicy = New trustedCertificatePolicy

-->trustedCertificatePolicy class implements ICertificatePolicy
-- Function has implemented :
Public Function CheckValidationResult(ByVal srvPoint As ServicePoint, ByVal cert As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal request As WebRequest, ByVal problem As Integer) As Boolean Implements ICertificatePolicy.CheckValidationResult
Return True
End Function

2. private sub check_authentication() in Login page
authenticate(sUserID, sPassword)


Author(sUserID, sPassword, SAppl, ServerName)
catch ex as System.Exception

Another class (like ModAthentication class)

Imports OMNISEC.soap.wse
Imports OMNISEC.soap.isf
Import Microsoft.Web.Services

Public Sub authenticate(ByVal user As String, ByVal password As String)
Dim filter As OmniSwitchOutputFilter
Dim coll As SoapOutputFilterCollection
filter = New OmniSwitchOutputFilter(user, password)
coll = WebServicesConfiguration.FilterConfiguration.OutputFilters
End Sub

3. Author(sUserID, sPassword, SAppl, ServerName)
Calls respective url from configuration (app.config)

4. Authentication.vb

Imports Microsoft.Web.Services
Imports Microsoft.Web.Services.Configuration
Imports omnisec.soap.wse
Imports omnisec.isf
Imports System.Configuration
Public Sub Author(ByVal user As String, ByVal password As String, ByVal MyAppl As String, ByVal serverName As String)

Dim InputUser As New com.zurich.chz.gepuis.soap.UserSecurity.UserAuth_T()
Dim MyHeader As New com.zurich.chz.gepuis.soap.UserSecurity.Header_T()
Dim authManager As AuthManager
Dim url As Uri
Dim principal As System.Security.Principal.GenericPrincipal

principal = authManager.authenticate(user, password, "")
Catch ex As TransportException
Throw New Exception("TransportException occured: " + ex.Message)

From the above method it is going to TrustedCertificatePolicty.vb class when we ran any of the website (like Google.com, yahoo.com or meebo.com). This is i was surprised..

Please do the need full application should login with the new windows patches.

Anything need to add in app.config file.



(No response found.)

Login to post response