Dear Friends How things going well. I have a question. Please help me. Thanks in advance. I like to give our customers a web site in our site i.e www.ourdomain.com/JackSalume www.ourdomain.com/JanetWilson www.ourdomain.com/CarenAnderson All the customers use the same template i.e their ...more >>

I am interested in building a site with integrated windows authentication using acl groups. Is it possible without having users and roles defined in the database or is windows authentication, within asp.net, intended to validate the user and pass the user to the defined joined users/roles in the ...more >>

I'm setting up a linux firewall for my companies T1. All of our other machines will be windoze. I also need to setup a Windows VPN server (can't use the linux clients for reasons I can't get into here). 1) Someone suggested to me that I put the VPN in the linux DMZ and foward the ports to tha...more >>

New to .NET, and trying to get a web application using one of my older COM components to work. It works from VB.NET or VB.C# desktop app, but when instantiating an object from my COM component in an ASP.NET app, I get the Access Denied error. I have disabled the Indexing service, and grante...more >>

Hi Can I implement Form Authentication in ASP.NET for different users(Number of different users is not fixed). Regards Vinayak...more >>

I want to generate a key pair for use in Across Application Authentication. Are there any utilities included with VS.Net that will generate a key pair that I can use? validationKey=? decryptionKey=? validation="SHA1" Thanks, -- Ralph Page MBA, CMBA, MCDBA, MCSE, CCNA -----------------...more >>

I've created a web site using plain old asp (not asp.net). How do I got about setting it up to require the user to logon using their domain credentials before they can start to use the app? Any url's to material would be great. Thx ...more >>

Hi, I am using Forms Authentication and it is working just great...someone tries to access a form without logging in, they get routed to my login screen. However, how do I implement logging out? I have a logout menu option where I want to fire and ASPX page that does...what? What to do I nul...more >>

hi i have a problem with database access (SQL Server/MSDE) on my production server. the asp.net web app works fine in test. on the production server, it won't connect to the database! i'm pretty sure i have set up the ASPNET login correctly, with permissions identical to my test system...more >>

I have a couple of SSL questions. First: If I would like to protect my entire website by ensuring that all pages are accessed using SSL (https://) How would I force that? Would that be an ASP.net config thing, or a configuration in IIS? Second: If I would only like specific pages protected...more >>

In my application I would like to to be able to upload files to a specified directory on the server. I specify the files in the app settings section of the web.config file. When I try to save the file though I get an access denied error. I've checked to make sure that the ASP account has...more >>

Hi For ASP.Net application we can use Five IIS authentication settings viz. Basic,Integrated Windows, Certificate, Anonymous & Digest. Now my Question is out of these 5 which all authentication mechanisms can be used when my CLIENT OS is 1) MAC OS 10 2) Unix The browser used by clien...more >>

I have a problem with FormsAuthentication: I have two web applications: http://localhost/bx/authentication http://localhost/myapp I have a 'login' hyperlink in MyApp that opens http://localhost/bx/authentication/login.aspx in a popup window. The popup window has a username and pass...more >>

Is there a way to make my intranet web application NOT automatically use the logged in user when using the "Windows" authentication mode? I want to force the windows popup to always appear, prompting them for a user name and password (with domain name already filled in for them, if possible), a...more >>

Hi , I have an ASP.NET web service running on a Windows 2000 Server (WHICH IS NOT A DOMAIN CONTROLLER). Since I wanted to access a remote database on my intranet , I set up my ASp.NET worker process(aspnet_wp.exe) to run under a domain account(<domainname>\meenaaspnet). Everything is ...more >>

Hi all, I have read that you can have have multiple web.config files but some tags including <authentication> can only be present in the root one. but our applictaion is used by 3 different kinds of users. so we have 1 virtual directory and 3 folders, 1 for each type of user. we have 1 logi...more >>

I'm working on single signon for multiple web apps on a single domain. If I authenticate in wepApp1 then I am authenticated in webApp2 however, anywhere in the global.asax code of webApp2 the following don't seem to be set/initialized: Request.IsAuthenticated User.Identity ...more >>

I have an asp.net site and I want to provide automatic login when a user returns to my site, similar to amazon.com. Currently my site authenticates the user and generates a token when the user has been validated, this token is unique per login and is valid unitl the user logouts or their sessi...more >>

I'm experiencing some problems with role-based forms authentication accross domain. I wanted to create an unique login page for multiple web server running different applications. My first server is www.mydomain.com The second one is www1.mydomain.com The third one is www2.mydomain.com I made...more >>

I was thinking of using form authtentication. Is it a pain, or should I do it? Also, I want login to redirect to one of two pages always, no matter what. Is there no way I can tell the FormAuthentication object which page to go to at runtime?? Thanks Please give your opinions and ...more >>

I have a web app that I have setup to use Windows authentication ( impersonation = true ) and IIS configured to use integrated security only. From what I have read, this should suppress the logon prompt is you are currently logged into the same domain. Am I missing something? I get a logon pro...more >>

I have a web application with at least three pages: /index.aspx (home page) /login.aspx (login page) /my/portfolio.aspx (private page - needs authentication) If I attempt to go directly to the private page, I am properly redirected to the login page. If the login is successful, I am then ...more >>

I just moved some ASP.Net applications to a new machine. The applications ran ok on the old machine but hit a number of security problems on the new machine. Rather than just "kicking the door open" on the new machine, I would like to get it setup correctly. Is there a write-up somewhere...more >>

While developing an ASP.NET with a SQL server running locally, I didn't have any problems using the following connection string (where ATP is the local server's name) "Server=ATP;uid=AppAdmin;pwd=pass;Database=DB1"; When I try to connect to a remote SQL server named DTP, using connection...more >>

I'm trying to convince a web systems administrator to install ASP.NET on his web server so I can host a dynamic departmental web site on it. Does anyone know of a straighforward writeup of what it takes (machine.config and NTFS file permissions) to limit an anonymous asp.net application to ...more >>

I have a performance question. I have a web service in a machine (not in the a domain at all) and the virtual directory is setup for integrated windows auth. The server is WIN2003. When I call the service from my code I set up a credential cache with the appropriate credentials and the ...more >>

Hello. I'm trying to setup a Win2003 server for hosting ASP.Net Applications in a Shared Hosting enviroment. With the "old" ASP I created a different anonymous account for each web site and restricted the NTFS permissions on system and website folders. With ASP.Net I set the <identity imp...more >>

hi all, I am totally stumped, and I need your help. My authentication cookie (using FormsAuth against Active Directory) is expiring way too often (like less than 20 minutes). I have it set to expire in 8 hours. I'm not deploying anything to the site, so I'm not resetting the application during t...more >>

I have a .net application that employs asp.net, vb.net and sql server. The application is secured at client sites through their firewall. We want to add functionality that will automatically trigger emails (potentially with report attachments) that are sent to people outside of the firew...more >>

Forgive me for cross-posting, I'm desperated. ------------- Client machine: Win2K server SP4 with both .NET framework 1.0 & 1.1 installed. VB.NET app developed using an XP Pro with VS.NET 2003 / .NET framework 1.1 You help is greatly appreciated. Bill -------------------------- Common ...more >>

I'd really appreciate some pointers on web services etc. I'm a VB6 developer with a growing knowledge of vb.net and asp.net but I'm in need of some direction! Firstly, sorry about the X-posting but I've kept it to a minimum (2 groups). I have a asp.net web application that uses a combinati...more >>

Microsoft Customer this is the latest version of security update, the "September 2003, Cumulative Patch" update which resolves all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express. Install now to protect your computer from these vulnerabilities...more >>

I'm authentication against ActiveDirectory by implementing forms authentication similar to this MSDN article. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp I want to make it so that the forms authentication supports AD Native Mode. So the user ...more >>

I know this question my have been asked many times, but non the less. What I have to do so I can access from my c# web from to file (file.xml) in the same directory - so I can read/write in it. Thanks, Anton, ml. ...more >>

I have a web program which allows the user to select a file on his local machine, and then copy it to the Web server. This works fine (using PostedFile.SaveAs). But when the same program tries to Delete the file, using file.delete, the server says access denied? Any idea how to fix this? Th...more >>

Dear ASP.NET Programmers, How can I post data to an ASP.NET login page and pass authentication? The login page uses forms authentication, users must supply usernames and password and have to click on a submit button. I want to automate this process by supplying values with HttpWebRequest and ...more >>

Greetings, I am working on an asp.net storefront that requires credit card information to be stored temporarily on the server. Currently the site will feature administrative access protected by MD5 and credit card information encrypted with Rijndael. Retrieving the information will also be s...more >>

I have an asp.net application that is using forms authentication and the encrypt/decrypt methods to encrypt the ticket. My application works perfectly on my test system. However, when moved over to production, I am receiving the following error: System.Security.Cryptography.Cryptographic...more >>

Does anyone knows how to encrypt a cookie? ...more >>

Hi all , how can i prevent the user of the asp.net page to copy or print screen some text i put it on the page . Please if any one know...reply as soon as posible on my e- mail . Mostafa Arafa SW Developer Egypt...more >>

How do I download file from the web when the site uses forms authentication? Without the authentication, webclient object works. Thanks, Buran ...more >>

hello, every one: could anyone tell me how to install IIS 6.0 on Windows 2000. Thanks a lot, haiwen...more >>

Anybody know the reason the call to DuplicateToken is needed in the Impersonation sample found at: http://msdn.microsoft.com/library/default.asp? url=/library/en- us/cpref/html/frlrfSystemSecurityPrincipalWindowsIdentityCl assImpersonateTopic.asp Since the underlying Win32 ImpersonateLogged...more >>

I have a VB project which has 1 web service. I have been developing the project happily with Dot Net until I applied SSL to be web server. Now the project cannot be opened in Dot Net. Removing project and re-adding does not display any files at the web project location. Any ideas? Thanks,...more >>

I was wondering if anyone out there could shed some light on this MSDE .NET interaction problem I am running MSDE 2K latest service pack running Mixed mode, .NET Framework 1.1 on XP Pro (also latest SP and updates) I have written a simple ASP app in C# which attempts to access MSDE via a We...more >>

I am only trying to connect to a local host . I am on Windows 2000 Server with sql 2000 server. My error is the classic "SQL server does not exist or access denied" I went to the MS site & they tell me what I know......"some" permissioning issue. I had this code working 2 months ago o...more >>

I'm trying to log on to SQL Server 2000 via an ASP.NET page using SqlClient with integrated security. I get the error message "invalid login NT_AUTHORITY/ANNONYMOUS". I believe I have all the correct web.config settigs correct because I can get the page to work as long as it is on the same...more >>

Hi, We have a web server running ASP.NET app in DMZ zone provided by Cisco PIX firewall. The web application is sending user id and password to the database server. What is the best practice to make the connection string secure? Thanks, Ali ...more >>

Hi, I have an ASP.NET web site that uses IIS Basic Authentication and accesses an OLAP Server at various stages. The OLAP Server authentication mechanism relies on Windows accounts and therefore when a new user needs access to the system we must create a new Windows user account for him. Th...more >>

In order to try to get my app more locked down, I made the username=machine. It works fine on my computer, but when I put it on my test box, it blew up says: Server Application Unavailable The web application you are attempting to access on this web server is currently unavailable. Please ...more >>