http://support.microsoft.com/?id=815152 (Edit the script mappings in Internet Services Mananger to protect pdf's with aspnet) I have a site that has multiple pdf's for download and multiple users who will download the .pdf's. I secured the site using the above article. I created an "admin" ...more >>

Hi, I'm trying to build a login system where users login via web form, but then they are logged in as they would with windows authentication only not involving chalenge/response or basic authentication. I was able to login user via LogonUser() function and to get WindowsIdentity and WindowsPr...more >>

Hi, Are there any security issues related with storing data related to the users session in session.item ? Can i keep data in there with any risk of it being read from the client side ? Please advise Regards Niclas ...more >>

All, If anyone has been following my trials over the last week see(Setting up a Web Application on IIS 5.1 and ASP.Net Security Problems). I'm having a problem running a Asp.Net Web Application. I've finally narrowed the problem down to a security issue: The ASPNET (aspnet_wp) account cann...more >>

Hi, I am trying to figure out a way to authenticate against Active Directory and retrieve system.security.principal.WindowsIdentity object, without having to see the awful grey Basic Authentication logon box. I have found documentation that you can send a authtentication request programaticall...more >>

I have a Win2K server set up with .NET 1.1, IIS5, and I run a few development test sites on this server for deployment elsewhere. Up until now, there was no issue with the sites residing in the Inetpub directory on the sys partition. However, we are starting to consume valuable disk space on th...more >>

Dear collegues! I am trying to create a single Login Application, that can either authenticate against a database or against ADSI. Intenal users can have both an NT Account and anotherone (AppAccount) in the database (as clients would normaly have) and should be able to decide which one to us...more >>

Hi I'm stuck with a user authentication issue and desperately need some help. here's the situation - I have a web application where all the users in the domain have access to the pages. Except an edit page - edit_employee.aspx,only the users in the custom admin group (- domain_name\webapp_admi...more >>

How can I use Forms Authentication to give clients access to download specific exe files? Thanks. -- Michael Tissington http://www.oaklodge.com ...more >>

I have a class written to perform FORM POST with Client Certificate and it works fine with Windows Appication. But, I am having trouble using it from ASP.NET application and everytime i am getting "connection cannot be established" error. Any help? Aung Here is the code of my FOR POST ...more >>

All, I've just started to use VBStudio, up tell now I've coded with note pad, so this is all new to me. I'm trying to create my first project but I'm running into problems. I've created a base ASP.net web application and used the default name WebApplication1. Without doing !!anything!! to the...more >>

We have a repository of reports(Crystal). It is many folders and subfolders.We have set permissions to these folders based on who needs access to them by implementing groups in Active Directory. Problem: I want to populate a tree view with only the folders the user has permissions to. I can ge...more >>

I have a web APS application that works fine at home, with IIS. In IIS, the application is an application, not a file folder. When I copy the file on the Internet sever, my application does not work anymore. I get the message: *** Server Error in '/' Application. --------------------...more >>

I have forms authentication working for any aspx page (I'm doing this on both a folder level and also individual files). The problem I have is if the file is an exe or html then forms auth seems to be ignored. How do I get Forms auth to work for other file type too ? Thanks -- - Mic...more >>

Hello. This is probably a well knows issue but I still cannot find a solution. I have noticed that it is possible to read web.config files inside other directories on the same server simply opening them using a aspx script. This could allow my users to steal each other username and passwor...more >>