I have read various articles regarding explaining ASP.Net security model. I have one simple question regarding Delegation that i can't seemed to get answered: I have a web service that opens a file on another server and reads the contents. If I set an IIS application to Anoymous which us...more >>

I am using isInRole function to check if a user is in a group. It works ok except it will suddenly stop working and I will have to reboot to get it to work again. Any ideas?...more >>

This is error message I've got. Any suggestion would be appreciated. Server Error in '/WebDirectory' Application. ---------------------------------------------------------------------------- ---- Access to the path "CreateFolder" is denied. Description: An unhandled exception occurred...more >>

Hello, I am trying to authenticate a windows user using LogonUser API on our website. I am able to authenticate and impersonate the user just fine but I need to validate these credentials to our SQL Server connections as well. I'm using a DSN on my server with WindowsNT authentication...more >>

How can I change the value of "timeout" in Web.config <sessionState timeout="20" /> in one deployed app (project A) from a method call in a WebForm (C#) that's running in another deployed app (project B) on the same server....more >>

Following Microsoft recommendations, I'd like to store a one-way passport hash of a user's password. .NET provides method FormsAuthentication.HashPasswordForStoringinConfigFile (...) to generate a hash value with either SHA1 or MD5 algorithm. My problem is that the password is to be generated on...more >>

When I right click on a file and select properties the security tab isn't available, only General and Summary. Does anyone know how to get the Security tab to show up? Thanks in advance Doug...more >>

Hello, I have been desperately trying to programmatically authenticate a windows user, create their credentials, and then redirect them to a different server while passing the credentials at the same time so that they don't have to login again. Specifically, I have two webservers in the sam...more >>

Reviewing user accounts on my machine, I see the user "asp.net machine a..." which was confusing. Not being in love with my PC - how did this get here? What's it for? Or should I kill it?...more >>

I am using VS2003 and when I am launching the web application in the sub = folder page he me show the error. I attached the 2 files machine.config = and web.config from sub-folder. =20 Server Error in '/Pirmadienis' Application.=20 -------------------------------------------------------------...more >>

I am using VS2003 and when I am launching the web application in the sub folder page he me show the error Configuration Error=20 Description: An error occurred during the processing of a configuration = file required to service this request. Please review the specific error = details below and ...more >>

I recently installed Active Directory on my webserver (yeah people say it's a bad idea but I had no other choice). Now when I access a web app with anonymous access turned off, I get a runtime error. Integrated Windows Authentication is turned on, and in web.config I have <identity impersonate="...more >>

Hello all: I am trying to build a standar Web registration screen and was wondering of what algo to use to generate a random password for users. Any kind of help would be greatly appreciated. Thanks. ...more >>

Hello everyone! I recently read "ASP.NET Impersonation" from the .NET Framework Developer's Guide (http://msdn.microsoft.com/library/default.asp? url=/library/en- us/cpguide/html/cpconaspnetimpersonation.asp) and it says the following: "Only application code is impersonated; compilatio...more >>

Hello, When I try to create a Word application object from a webform using server.createobject("Word.Application") I get this error "Access denied" Does anyone know what I am doing wrong? Thanks for any help! Joost ...more >>

Hi We have an SBS2000 server which has an access database running internally, supporting around 20 users. The server is connected to a broadband connection. Is it viable for us to run an asp.net web site on the same server that allows visitors (around ten on average) to view the content of th...more >>

hi, if someone knows the original and encrypted form of some information that i have encrypted with my private key using 3des in .net, does this compromise the private key? thanks ted ...more >>

can some one point me what i'm doing wrong? I have spent half a day figuring out and totally stuck now. Here's what I'm trying to accomplish: I am writing a web appl - an intranet portal site (based on the portal starter kit) and I want to apply role based security to the site. - When the us...more >>

Is there any way to log someone in using Forms authentication *without* using RedirectFromLoginPage()? My reason for asking is that I'm trying to use Forms Authentication to allow users to login to a site, but I keep coming up against the problem that all the MS examples show using a Login pag...more >>

I have been using .net for a while. I want to have my windows authentication concepts cleared - . particularly how it works on Intranet sites. Is there a good, simple to understand reference book/sites that can help me with? Appreciate any help. ...more >>

I've read a number of other postings trying to deal with this problem, but none of the suggestions worked. I developed a SharePoint 2003 portal locally and built a web part for it that reads user data from Active Directory. It works fine deployed to the SPS server in our domain--the DC is on a s...more >>

Hi.. I am currently writing a manager that creates Windows Schedules remotely via. web services. I have just a few questions. What is the best way to Authenticate incoming requests (and remember the SOAP request can come from non .net clients i.e. J2EE)? I need to encrypt these SOAP messages - wh...more >>

Hi I have an intranet app which resides on a web server that is not in a domain; but in a workgroup. The users of this web app all log into the domain. I want to be able to find out who the 'domain user' is when they browser to my web app on the server, how does one do this? what are the ...more >>

re: http://www.dotnet247.com/247reference/msgs/31/159270.aspx (neither my news server, nor microsoft's seems to still carry this thread) I am trying to add User Authentication to Cassini. More specifically I am using Cassini as a web-server back end to a GUI application (with a web browser c...more >>

Hi, I am new to ASP.net and VB.net. I need to store a class(SecurityClass) with a property ( LoggedIn as Boolean) in the Session Object (Called SecurityObj) or ( As a session Object?) (Any difference?) I need to have access to the LoggedIn Property in the SecurityObj which is in the session ob...more >>

Greetings, I'm hoping someone has experienced a problem I'm having: I have an existing ASP application (working fine) that uses an SSL server certificate. My user community is made up of both PC's and Macintosh computers. I've re-written this application in ASP.NET for a number of reas...more >>

I tested this page <%@ Page Language="C#" ContentType="text/html" ResponseEncoding="iso-8859-1" %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Untitled Document</title> <meta http-equiv="Content-Type" con...more >>

I have a complex problem that needs a lot of background explanation before I can ask questions, so here goes.... Our system consists of two servers. -WebUI server - Windows 2000 - runs asp.net pages, and handles http requests. All requests go through this frontend public server. Business o...more >>

First of all, with identity impersonate = true, I still get this blasted error: Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. It seems like it simply will not send the domain username and password that I'm authenticated as! It is endl...more >>

I am testing forms authentication against Active Directory. I want to limit access to the site based on Windows groups. The app is working but it allows anyone with a domain account access which is undesirable. I followed the Microsoft KB article 326340. Here is the entry in my web.config:...more >>

I just made a web application in ASP.NET and when I run it I get the message "Login failed for user 'CR578941- A\ASPNET'" in the result page. How do you correct this, and why this is happening. I am very new to web application in .NET Please respond to khalidyh@hotmail.com Thanks ...more >>

Hi, Under ASP I was able to use code like that listed below to confirm login details on our intranet site. I wish to upgrade our site to run purely under ASP.NET. I am having trouble converting this code to ASP.NET code somebody point me in the right direction with some sample code like this...more >>

I'm trying to locate examples on storing usernames and passwords in a database table for Forms authentication. Database can either be oracle or sql server. Thanks. bebop...more >>

I was testing some configuration options with Framework Configuration tool and eventually something went wrong in .NET security. Now cannot do anything in .NET with out having "System.Security.Policy.PolicyException: Execution permission cannot be acquired." error and CLR debugger popup...more >>

Hi, I'm having some terrible difficulty setting up security on sub-folders of my ASP.NET application. Here's essentially what is happening: 1. I create my application at http://localhost 2. Since I'm creating it at the root, VS.NET gives it the initial namespace, solution name, and p...more >>

Running Windows 2003 Server Framework 1.1 A site is configured to use integrated security (in IIS 6) Windows autentication and user impersonation in web.config <identity impersonate="true" /> <authentication mode="Windows" /> I've got a ASPX page that lists folders and files f...more >>

I am using forms authentication and session variables to control access and disallow "data stripping". Some query strings are used, but the Users access is verified before allowing access. Illegal access is diagnosed, the user is logged off, session vars are cleared and he is redirected to a ...more >>

Hi! 1st: when I debug this: FormsAuthentication.SetAuthCookie(email.Text, RememberCheckbox.Checked) and set a breakpoint a line after FormsAuthentication.SetAuthCookie(email.Text, RememberCheckbox.Checked) at: // Redirect browser back to originating page Response.Redirect(App...more >>

I make an AD query to a remote domain controller and only give it 10 seconds to respond (more than enough in this particular environment). I don't see timeout or query- time settings in the DirectoryServices space, how should I set a timeout query value? Thanks....more >>

I have been working on implementing forms based security but I need 1 page that is open to the public to create a new account. How can I specify one page not to be checked for security? Thanks in advance. Tommy ...more >>

I would like to secure an ASP.NET application with Forms Authentication. Within the web.config file of the application, I have the following: <authentication mode="Forms"> <forms loginUrl="http://localhost/authenticate/login.aspx" path="/" /> </authentication> <authoriz...more >>

I am trying to implement forms authentication in my asp.net app. I set the loginurl setting to be "login.aspx" at first and then I needed to change the setting in web.config. My app always looks for login.aspx for some reason no matter what I change the web.config setting to. Is this info cach...more >>

Is it possible to add declarative security attributes to classes or methods at runtime? I am toying with the idea of a class factory that emits classes with their own security structure "at birth" instead of hard-coding everything in at design time. Thanks....more >>

How would I go about taking my DB connection strings and putting them into my Web.Config file in encrypted form? Of course, I'd need to know how to call and decrypt them from the various .aspx pages that need the info. Thanks! ...more >>

Once again at my wonderful job i've been given the task of "come teach your fellow idiot coworkers the skills you have" I write software for a company in chicago. I use visual basic on asp.net type platform. Recently i learned a little bit on database access and would like to knw more so...more >>

I have an ASP application that is 100% stateless and runs on a 5 servers using a local director to load balance. All session info is pulled from a DB. Would forms authentication be fesaible as I migrate this to ASPX? Can authentication information be passed\utilized accross the server farm...more >>

Hi all, I’m trying to read a values out of the ‘authorization’ host header. I can get the values easily enough, but the ‘authorization’ header is somewhat allusive. For connections requiring authorization the process appears to flow: Client -> Server [request] Client <- Server [401...more >>

JOB: Houston, TX >> Web / .NET Developers (6 months+ contracts) - Local Candidates ONLY infoTEAM, inc. is currently staffing the following contract positions for our client, located in Houston, Texas. DESCRIPTION: The Web / .NET Developers will rewrite large gas transportation and...more >>

I have set up forms authentication for my web application. I have several subdirectories inside a main directory and I have forms authentication for each of my sub directories. In the logon page when the user is authenticated, I have FormsAuthentication.RedirectFromLoginPage(txtLogonid.Te...more >>

I created a subfolder for some Web pages to set special permissions for them later. VS.NET copied all the files from this subfolder to a main folder and uses these copies in a project. How can I make VS to use the files in the subfolder? Thank you. ...more >>