Infralution Support Forum Index Infralution Support
Support groups for Infralution products
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Encrypted licensing question

 
Post new topic   Reply to topic    Infralution Support Forum Index -> Licensing Support
View previous topic :: View next topic  
Author Message
sun21170



Joined: 05 Jan 2021
Posts: 4

PostPosted: Thu Jan 07, 2021 11:48 am    Post subject: Encrypted licensing question Reply with quote

I am trying to understand ILS by running the Licensed ASP.Net Application sample.

I have a couple of questions regarding Licensed ASP.Net Application sample.

    1. Does ILS use asymmetric encryption?

    2. When I input an arbitrary string in license key textbox and click on Install License, then I get an Invalid License Key message. However, if I input a license key that I generate from License Tracker application for the asp.net product, then it is accepted and license file is created. How does ILS know that license key is valid when no database call is being made?
    If license key is not checked against database then the same license file can be used in other web applications that have not purchased a valid license.
Back to top
View user's profile Send private message
sun21170



Joined: 05 Jan 2021
Posts: 4

PostPosted: Mon Jan 11, 2021 8:01 am    Post subject: Reply with quote

Regarding point number 2 in my original question, I noticed a loophole in ILS.

I had created 2 products called LicensedWebsite and Another Licensed Website with same Basic License Settings. I used the existing sample of LicensedWebApp that comes with ILS download. I generated a new license key for both the above products.

The problem I noticed was that if I input the first or second product's license key, it gets accepted and a license file was created. Only one product's license should be accepted.

This is a problem because it means that a single license key could be shared by a customer with others and each of these other customers would then have a validated license key to use my software product without having to pay for a license.
Back to top
View user's profile Send private message
Infralution



Joined: 28 Feb 2005
Posts: 5000

PostPosted: Thu Jan 14, 2021 9:52 pm    Post subject: Reply with quote

The encryption is based on the Product and Authentication Passwords that you enter when configuring the product. For the evaluation we only allow a single password of "Test" which does mean you can only really evaluate a single product. For a real usage each product should have a separate password to avoid this
_________________
Infralution Support
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Infralution Support Forum Index -> Licensing Support All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group