We are seeking advice from anyone that has successfully implemented Rhino Licensing in a .NET desktop application. We have successfully integrated Rhino Licensing into our C# Winforms application as per the instructions found at;
Rhino Licensing
At the moment the only way to open our software is to link it to a valid license file. We plan to issue trial licenses (expiring after 30 days) to all users requesting a trial but question is how can we put in place a scheme which prevents users from obtaining a new trial/demo license each time the license expires. This would theoretically give them the ability to license our software for multiple trial periods, possibly inevitably.
My concern relates to the issue of trial licenses. We had originally thought to limit the issue of trial licenses based on an email address provided to use when the original license is generated but now there exists the potential for users to make use of temp inbox email accounts to register for an unlimited number of licenses.
What methods have you employed to prevent users from being re-issued with trial/demo licenses after the initial period has expired? Please assume the original licenses are being served to the user automatically from a server after they register for a trial license.
All ideas welcome.
You can create a unique hardware ID that is sent to the server when the user "activates" the license and save it.
If the user requests a new trial and tries to activate it, the server will respond indicating the hardware ID already exists in the database and revoke the license.
Related
As mentioned in Power BI Documentation,
"Embed tokens with PRO license are intended for development testing, so the number of embed tokens a Power BI master account or service principal can generate is limited".
Source: https://learn.microsoft.com/en-us/power-bi/developer/embedded-faq
So my question is...
If developer require more free tokens for testing app in developement environment, can he change master account to acquire more free tokens ? Embed token are app specific or user specific ?
Any comments are appreciated.
I am new to Power BI Embedded.
You have a couple options: You can switch to another account (master service account) if you reach the limit but you will incur the cost of another PowerBI Pro License. You can also work with Microsoft support to have your limited reached to meet your needs until you are production ready. You can reach Microsoft support by going here https://powerbi.microsoft.com/en-us/support/ and scrolling down to "CREATE SUPPORT TICKET"
Note: If you are in Production you will have to buy a capacity. There is no way around that.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am trying to understand the licensing issues on I would come across on Force.com for developing an application that will have its own data source and will also be pulling data from SalesForce.com via api/service. I have spent over a day researching this from various sites but most of them keep throwing up new things which don't really answer my questions and have got me more confused. IF anyone here has any insight into this that can help me understand the cost of development and maintaining a site using Force.com, so I can compare it with building an application ground up on say .Net or Java and hosting it on a different cloud provider, then please help me out. My questions are:
If I have 5 developers working on an application called XYZ using the Force.com platform, how many Force.Com licenses would I need to purchase for such development work and of what type should those licenses be?
Would I also need to buy separate SalesForce licenses if those developers need to fetch data from the SalesForce database through code written on Force.com?
If I already have a SalesForce license then will my access to SalesForce be suspended if I convert that license to access Force.com for doing development work?
Can I reuse those same licenses for the testing phase later or should I buy separate licenses for testing?
Once development is complete and people create accounts for themselves on my XYZ web application, will they need a salesforce login to access the salesforce related data from their company network or can they still access it without?
If my XYZ web application doesn't access SalesForce's data then will my XYZ web application's users still need a salesforce or Force.com license to login into XYZ?
If I dont use Force.com as my development platform, and I still need to access SalesForce data, how many licenses would I need to have? One per login created on my XYZ application or just one will do?
Thanks.
You might be better off asking this at salesforce.stackexchange.com (beta). Seems like quite a lot of experts there have done some cool integrations, managed packages etc or even are ISVs. so they might have more experience in the matter. They'll maybe even point you to database.com.
Or just go and talk to SF sales rep.
Also I think you don't understand that you don't simply "buy a Salesforce license". You buy licenses bound to particular production organisation (an instance if you prefer). You can't transfer them between organisations and the fact that your web app will talk to specific Salesforce instance doesn't mean you can use same license too connect to different instance. So if this is what you mean by
I have spent over a day researching this from various sites but most
of them keep throwing up new things which don't really answer my
questions and have got me more confused.
then you'll have hard time...
I think for such question you'll need to eventually ask your lawyer, don't trust people on the internet :) Safe harbor, blah blah, don't sue me...
To kick off the development you don't have to pay anything. Sign up for Developer Edition and hack away. (each developer can do it, you can synchronize between them using SVN etc - it's definitely enough for quick start). If you already have a "production" (for example Enterprise Edition") then I think up to 4 simultaneous logins are allowed for each active user. This counts for different channels (so for example developer who would both click through app's UI and work in Eclipse IDE counts as 2) so you can try to do some cost cutting here... But I'd recommend 5 full Salesforce licenses.
No, will be sufficient.
I don't think you can convert licenses ;) You'd simply buy licenses of different type and contact them to reduce the count of licenses of type you don't need. You can kind of convert users by assigning them license of different type (and this might lead to change of Profile). As a result you for example downgrade a full System Administrator (on Salesforce license) to say user who can see only Chatter and loses access to Accounts etc.
You can use same licenses. Even to say deactivate developer user accounts and use the freed licenses to create some test users.
Depends how many features of SF you'd want to use (in terms of data ownership, visibility etc.). You will have to provide "some" credentials of an active user in your Salesforce. So you might be fine with having just 1 "integration user" account that would see all data and then do all filtering etc on your webapp.
I don't understand that one so I'm going to say "no" ;) If you don't need to connect to SF and get the data - don't? Unless you have some kind of Single Sign On solution there.
If you need to access Salesforce from external app you need to authenticate. Username + password, Oauth,sessionId, single-sign-on... whatever the means - SF needs something to say that this user is active, he can see this data. So it kind of goes back to answer #5.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I am at the first experience of releasing my windows application and I don't have a cue how I should move on. Here my question:
I have my own website running on hosting. I would like to implement a customer
portal so after receiving an order I will provide a username and password via email
where users can download the activation code. I know that this is a big question...How to protect my application against duplication? Do you know what is the "best" solution to apply license system to my software?
How I can force the application to be excuted just on specific pc? Is it complex to achive?
In this scenario should I create a new build for each user so the activation key will
unblock just the right build?
If so I understand that each profile will have its own build file along with activation code and a sort of service agreement information (i.e. 1 year of free updateds).
Again I see it to complex to manage, for every changes in the application I need to compile, build and upload new version...? Ok... my application right now is a simple exe file with some folders and xml configuration files but what in future...?
Is it possible just to share among all user a single application file which can be activated by using the user activation code (in this scenario user will have his own profile just for activation key and SA information). what about security? if someone share the activation code I guess the application can be unblocked anywhere.
Should I implement the customer portal on a dedicated server (i.e) ? I don't have possibility to install my own server. What do you think about virtual server on ISP?
What about invoicing and ordering process? You think that an ecommerce commercial solution is a good choice? For istance I was thinking to get order via email or fax and then process the license (still don't know how) and send invoice whith information for payment (i.e wire tranfer). What do you think?
If the software it would cost (still don't know the price) let's say less then 30 dollars does it make sense to use as payment method a wire tranfer? What about share-it.com? Is it safe? Do they also handle customer portal?
Thanks a lot.
The usual way to prevent users from just replicating your application on many machines is 'node-locking' - at runtime the application checks that certain machine parameters match the values recorded in an encrypted license key or activation record. The Ethernet MAC address is a popular locking parameter, but this is not a good choice as on some systems the MAC address can be set or spoofed. A combination of parameters such as Windows ID, machine name, perhaps user log-in name etc. is more secure.
To issue a license you either request these details from the user or have them run a small utility that writes them to a file they send to you. You can then encrypt them in the license key, which can also contain other information such as a trial or subscription time limit, feature configuration info etc.
Alternatively, all this can be done automatically using [product activation][2]. When your application first runs it connects to a hosted license server, checks it is a valid license, and automatically reads the names of the locking parameters on its host, so it can then encrypt them and persist them in a local file it then reads each time it runs after that (so the app does not need to connect to the server again after the initial validation). If you go the activation route it is much more convenient for you and your users.
Whatever route you go, you need to think about:
- Integration with your chosen ecommerce provider/payment processor?
- How to handle users who don't have an Internet connection?
- How to support users who want to relocate their license, perhaps because they bought a new system? Can you ensure they have only one copy active at any one time? (and you may also want to limit how often they can relocate their license).
- If you lock to several machine parameters, can your locking system accommodate the user upgrading part of their system, so potentially causing one of the node-locking parameters to change?
- If the user's system crashes, how can they get their license running again on another machine?
- How do you issue trial licenses?
- How do you protect against people who try to hack your license protection?
- Might you in future want to configure features in your product e.g. offer different price points, or different combinations of features to different types of users. Can your licensing system handle this?
All these issues and more have of course already been considered and resolved by competent commercial licensing systems.
i would go with similar system to what i have seen used by Nod32 ( which is why i don't use it anymore, but still suggest to buy for everyone else ).
Application has two states: demo and full.
You can use the demo version for time period of 30 month.
And each application has a product key, which is daily verified against remote server. If verification fails, application slips back into demo mode.
If the verification server is unreachable, you show user a message that "verification server unreachable, check your connection or verify manually". Then try again in an hour. If for .. lets say .. 3 days application hasn't been verified. It does into demo mode.
If user, which has connection issues clicks on notification bubble, he sees a view containing information about how to verify manual or button for "try again".
For manual verification you have a generated code (based on his hardware data), which he can enter in your website together with his product key. And get a number for manual verification.
my 2 cents.
How I can force the application to be excuted just on specific pc? Is
it complex to achive?
You can store his computer ID/Key pair in your database.
In this scenario should I create a new build for each user so the
activation key will unblock just the right build?
No. Definitely you do not want to create 1000 builds for 1000users.
If so I understand that each profile will have its own build file
along with activation code and a sort of service agreement information
(i.e. 1 year of free updated).
It is easy to manage it with a right tool. You can ‘bind’ each key to a specific version range of your product (say v1.0.00 – v2.0.00) or specify the validity period of the key ( SaaS scheme)
Is it possible just to share among all user a single application file
which can be activated by using the user activation code ..?
Yes. It’s called floating or network licenses.LAN license server allows to run some limited number of product’s instances in corporate network. This approach is widely used by corporate customers.
Should I implement the customer portal on a dedicated server (i.e) ? I
don't have possibility to install my own server. What do you think
about virtual server on ISP?
It depends on what you mean under ‘own server’. You can’t run separate daemon/process on shared hosting, you need VPS or dedicated server. But you can use the solutions that are present on the market already.
Why do you need to implement activation system yourself? And run servers yourself? It may appear a far more complicated and costly as it seems.
ActivationCloud https://activation-cloud.com provides a good set of features that can fit needs of ISVs that is selling software to home and corporate user. Consider to use it.
Read my question "A licensing system for my (WinForms) application. Would this be secure enough? (Within reason)"
I listed a few possibilities.
Mainly, I noticed that you wanted the program to be only runnable on a specific PC, for which I used a function which returns a unique code for each PC, and required it to be the last 5 characters of the Product Key.
Hope this helped. :)
Our clients must pay a monthly Fee... if they don't, what is the best way to block the asp.net software usage?
Note: The application runs on the client own server, its not a SaaS app...
My ideas are:
Idea: Host a Web Service on the internet that the application will use to know if the client can use the software.
Issue 1 - What happen if the client internet fails? Or the data center fails?
Possible Answer: Make each web service access to send a key that is valid for 7 or 15 days, so each web service consult will enable the software to run more 7 or 15 days, this way the application will only be locked after 7 or 15 days without consulting our web service.
Issue 2 - And if the client don't have or don't want to enable internet access to the application?
Idea 2: Send a key monthly to the client.
Issue - How to make a offline key?
Possible Answer: Generate a Hash using the "limit" date, so each login try on software will compare the today hash with the key?
Issue 2 - Where to store the key?
Possible Answer: Database (not good, too easy to change), text file, registry, code file, assembly...
Any opinion will be very appreciated!
Ah, the age old issue of DRM. And that's what you're talking about here. Frankly, the fundamental answer to your question is: you can't. No matter what you do to the system, it can be hacked and modded in such a way that your DRM authentication scheme can be bypassed and/or broken.
This is a fundamental fact of software development: it can and will be pirated.
So, the answer to your question is that you will have to trust the client to pay you the fees you determine to be correct (which is the whole point of contracts in this situation).
Any other actions you take are a hardship and annoyance on your paying customer, and has the potential to erode your customer base.
Now, if you want control of your software in the nature described, then do not provide it to users to run on their own servers. Force them to be SaaS. In that way, you control all of that. But this is the only way.
Something that you don't appear to be thinking about, but I have seen networks which do not allow any type of "dial home" solutions, as a majority of the systems were internally focused and thus these internal servers were NOT allowed to contact the outer internet. At all. It was deemed a security risk to even allow them access. How would you handle those networks?
Frankly, if I was the customer, and I paid my fees to license your software (which I installed on my own device) I would be irate if I had to allow that device access to the internet in order for it to work. Doubly so, if the software in question was any type of financial management, customer management, HR management, quality management, inventory management, sales, or just anything related to my business, customers or employees. I don't trust software developers enough to have their software talk to something else when my business-relevant data is held in their software.
In the end, what you are describing is an antagonistic approach to take with your paying customers. If you don't believe me, look at the comments that UbiSoft is getting for their latest customer-hating DRM scheme.
IMO, you have two good paths here:
Go SaaS
Ensure your contract has a
bite for non-payment
usually you provide an scrambled key that includes a valid authorization token and the expiration date through which service is paid. Then the installer will use this to "activate" your software. Not sure how this would be viewed if you have 1-2 week periods. you'd want to warn them about upcoming expiration. Also not sure how to tell if they've set their own clock back.
In short, nothing will be perfect.
I've dealt with this before and its not possible to make a perfect system. There are risks in anything you do. The best thing is to weigh your options, and determine the method that has the least likelihood of being hacked and the most likelihood of working correctly and easily for the customer.
Like others have said, they could change their clock and invalidate the license checking mechanism. If you didn't trust the user, you could make the license system connect to your servers. You would then need to ensure that they always have a connection to your servers to check the license.
What if there is a valid reason that they cannot access your server?
Their internet connection has a problem.
YOUR internet connection has a problem.
In that case, should you disable the application? Probably not. But then again, what if they shut down the connection on purpose? Then you would WANT to disable the application.
If you give them a monthly key, you're adding a monthly annoyance and you may lose a customer after a while (people tend to do business with those who make it easy).
For example: If you base it on their clock, and the application needs their clock to be accurate for some reason, then its unlikely that the customer will change their clock.
I agree with Stephen but ultimately, I think that your contract is your best ally here.
As been previously mentioned, you don't want to inconvenience customers, especially if you have a large deployment.
As for SaaS, if I were a customer using your product and you said that the model is changing and we need to access the software from your server and ours must be decommissioned, I'd not be happy. I'd probably use the opportunity to switch packages.
In corporate settings, the contract really is the best way to handle these issues. I've worked on licensing issues for desktop and ASP.NET applications and they can cause a number of headaches for both you and your client.
However, if you insist on using something like this I suggest you go with a middle ground. Instead of only unlocking the application for a week or two, provide a license for 6 months or a year. This way, if you run into licensing issues (and you will run into issues) they only occur once a year rather than a couple of times per month. That will be cheaper for you in support and your clients will be less unhappy about dealing with licensing issues. If the company stops paying and you need to terminate the license you can handle that on a one-off basis, using contract enforcement as needed.
On the web service or client license options, I think a good license system would incorporate both. A client license to provide a the application a stable license and a web service to generate and deliver the license key when it is time for the application to be renewed. If the client won't allow the application to call home to get the license key also provide a manual entry method.
If you are going to store a license on the client, do not try to build a component yourself. There are many components available which will be much more robust and reliable than the one you build. There is a .NET .licx-based licensing method and a number of 3rd party methods that you can use. Which one is most appropriate depends on your scenario: how flexible you want the license and what other options you need. Most importantly, find something reliable - any time your customers spend fixing problems caused by licensing is non-productive for them and will reflect poorly on the application.
The important thing to keep in mind is that no system is fool proof. If your application is valuable, someone is going to figure out how to steal it. But at the corporate level and with custom software it's more likely the licensing will be used to remind people to pay rather than stop wholesale piracy.
I have signed up with BizSpark and it is a great deal, especially for people like myself in perennial startup mode. As part of BizSpark you get 3 year deployment licenses for software such as Windows Server and SQL Server. Is there any dedicated hosting companies that will allow you to use these licenses without having to pay for licenses built into typically hosting accounts? For example, normally to get SQL Server Standard installed on a dedicated server at a host can cost a fair bit of extra money, but as I already have a license I shouldn't have to pay.
So far, I have found two hosting providers aware of BizSpark:
http://www.peer1.com/hosting/bizspark.php
http://www.servepath.com/bizspark/
Although, hosting providers who are afraid of displaying their prices are usually super-expensive, which probably does not fit that well with the tight-budget spirit of companies going for BizSpark.
For the record,
http://www.crystaltech.com/ does not support BizSpark (commercial answer obtained 2009-02-19).
Feel free to edit this post, if you have links.
Crystaltech has 4 different windows servers that will work for your BizSpark application. They also do custom configurations. They have been in business for 11 + years and are a Microsoft Certified Partner. SQL and other licenses can be added a la carte but you can get a empty box. They can be reached at 877.323.4578 option 3 ask for James.
http://crystaltech.com/dedicated-windows.aspx
Crystal Tech is currently running 3 promotions:
Pay Monthly: The RAM on the server is doubled for free.
Pay Quarterly: Set up fee is waived ( No free RAM )
Pre pay the year: Get 3 months of service for free and the set up fee is also waived. ( No free RAM )
You can use the amazon cloud as Bizspark Partner and get cheaper hosting:
http://aws.typepad.com/aws/windows/
http://squarecows.com/2011/10/24/new-use-your-microsoft-bizspark-licenses-on-aws/
As far as I know you have a few options.
BizSpark has a hosting company agreement, you could contact them
Most hosting companies with dedicated systems will sell you a basic configuration and allow you to install your own software. (However, windows might be the only tricky one).
I personally recommend both RackSpace and HostMySite for hosting, if you contact their sales people they will let you know what is possible.