Thank you Joe K. Logging off and logging back on again solved my role caching problem. From http://www.google.ca/search?hl=en&q=WindowsTokenRoleProvider+caching&btnG=Search&meta= Posted via DevelopmentNow.com Groups http://www.developmentnow.com/g/...more >>

I need to create a web application which has to use the AD for authendication and ADAM for authorization. i try to create a web applicaiton and added a ADAM membership to the configuration file as mentioned in the http://blogs.msdn.com/dansellers/archive/2005/10/11/479941.aspx but still i was ...more >>

Apparently this is a known issue. http://support.microsoft.com/kb/946358 This was a bit maddening before we figured this out, especially for employees that get married. From http://www.developmentnow.com/g/14_2006_3_0_0_728745/ASP-NET-User-Identity-Name-value-after-a-domain-username-change.htm ...more >>

Hi Flyguy, From your description, you're using ASP.NET with FormsAuthentication, and you wonder how to configure an particular folder to have different authorization setting as the main web application, correct? Based on my experience, for specifc authorization(for a parituclar page or s...more >>

I'm hosting a server which will have some sites which talk to some MySQL servers, I'd like to run in medium trust but additionally have to open up the SocketPermission priviledge as it is needed by the MySQL connector. I currently have this in the .config file... <IPermission...more >>

I am using Forms Authentication on a website. I’d like to configure it to allow anyone access to the entire site with the exception of one folder. In that one folder I’d like to limit it to users with logins. How do I setup my web.config file for this?...more >>

I am using a custom forms auth, which sets up the session and authcookie, on session time out the content of the session is being cleared which is what i expect, im my global.asax on session timeout i call FormsAuthentication.SignOut() to clear down the authcookie. but this does not seem to...more >>

Hi I would appreciate any help that would shed some light on this problem... I have a com dll that is an API to another application. The initialize routine of the object requires the path where the data files are located, to be passed in as a parameter. This works fine when the data folder...more >>

I'm trying to do an HttpWebRequest on an encrypted page but it's returning an empty XML document. When I go to the same link in IE I see all the XML. Any ideas? Thanks...more >>

One clarification - both internal and external users are within trusted domains - they are just in separate domains, and one is not a Windows-based network, so I have to use forms-based security for them, and integrated security for the Windows users. Having them all go through a username/passwo...more >>

Can someone point me to a ~working~ example of using mixed authentication in an ASP.Net 2.0 website? I have been screwing around with this all day and I am no closer to a solution. It seems to me that this sort of thing should just be "built- in." I can't believe that after 10+ years of ASP.Ne...more >>

I spent hours frustrated with how a simple postback was not working running locally. But it works normally on a different web server. A configuration tip or work-around will be appreciated. ...more >>

We have a number of applications that are deployed using ClickOnce and we use the VeriSign timestamping service. The VeriSign timestamping service is being upgraded to use SHA-1 instead of MD5 and I need to gauge how this will affect our applications. From what I understand when the applica...more >>

Hello, I'm currently maintaining a web-application wich is 'secured' using FormAuthentication. When the user is authenticated I set then Authentication-Cooke using : FormsAuthentication.SetAuthCookie( UserName, false) and redirect the user to the correct page. In the global.asax (Appl...more >>

I'm trying to get a web site up and running. It's a hosted website using asp.net and SQL server. I'm also using the membership classes, and the standard membership controls. I have a database on my development machine, and during debugging, I set that to be my membership provider. Everyt...more >>

We had a situation where impersonation was working on our test intranet site, but failing on our production site. The application uses integrated Windows authentication, and gets the currently logged in user using the WindowsIdentity class. The web.config had impersonate set to true. Everything ...more >>

Hi Joe, good suggestion, I tried and it works :) Good thing is that only active DC will return. I tested with blocking(IPSec) data between DC and memeber on which I run code. Code: maybe help to someone Dim instance As Domain Dim returnValue As DomainController ...more >>

I guess I still don't understand. If you are trying to access a website, the login to IIS is a network login which is processed nearly instantaneously. There are no login scripts executed. Is this a web app or a local app you want to access? Joe K. -- Joe Kaplan-MS MVP Directory Servi...more >>

Hi Joe, Thank you for suggestions. I decide to do next: enumerate DCs try to connect to first and if connection is sucessfull continue but if not then try to connect to second DC. Regards, Darko Bazulj ...more >>

You can also use the FindDomainController method on the domain class to get more control over this and make sure you get DCs in your site and such. It might be an easier and more robust approach to do the same basic thing. Joe K. -- Joe Kaplan-MS MVP Directory Services Programming Co-aut...more >>

Basically, if you disable automatic login with Windows Integrated Auth in the browser, the web app will just challenge the user for credentials and force them to log in. The login they provide to the server will then not be coupled to the identity of the login on the workstation itself. Yo...more >>

Joe, The trick here is that login takes time and therefore your proposed approach seems to result in a lengthy logon. I am looking at the ways of allowing user access to a very limited set of resources on the network, primarily on the web server for a single application, under their Windows...more >>

Joe, Thank you for replying. Would disabling automatic integrated authentication mean that users will not have to go through a complete logon and workstation can be logged on a basic generic account? Our problem is that users might not have enough discipline to close the browser when they...more >>

It seems like the key for you is to ensure that you always use the same DC for doing your write operations, so it would likely be a good idea to use fixed DC names for this particular app. Joe K. -- Joe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide ...more >>

Can you disable automatic integrated authentication in IE for the machines in question so that the users will simply be prompted to enter credentials when they access the app? Then, have them close the browser when they are done. If you have smart cards, you could also just use SSL with cl...more >>

We have an Intranet ASP.NET application that is relying on AD security. We have a business requirement to run our application on shared workstations. Additional requirement is that users are under time constraints and use the system on and off during their shift. Up to 4-5 users can share ...more >>

Thanks for that Alexey. Looks workable if there is nothing built into ASP.Net. ...more >>

Hi, I'm writing an ASP.NET 2.0 application. Users can login using certificates issued by several cert. authorities. My problem is to provide user a possibility to change certificate which he use to login. So, i would like to have a page where he can choose some other certificate from list of ...more >>

On Jun 10, 3:30=A0pm, "Larry Neylon" <la...@senior.removethis.co.uk> wrote: > Hi there, > > I've got a site that has custom errors with the web.config looking like > this: > <customErrors mode=3D"RemoteOnly" defaultRedirect=3D"/CustomErrorPage.aspx= "> > > <error statusCode=3D"404" redirect...more >>

Hi there, I've got a site that has custom errors with the web.config looking like this: <customErrors mode="RemoteOnly" defaultRedirect="/CustomErrorPage.aspx"> <error statusCode="404" redirect="/404.aspx"/> </customErrors> Is there a way of excluding 403 errors from being redirecte...more >>