Hi All, We will be using form authentication in out website. We have two totally different types of users in our site. Type 1 Has 2 different roles in it Type 2 Has 3 different roles in it The data we collect for Type 1 is very different than Type 2. That's why, we want to use tw...more >>

I have a C# .net website that requires a login. My company has purchased a Verisign Certificate for this website. After a user logs in to the site, I want to apply the certificate(the Lock). In my C# code I use Server.Trasnfer(MyPage.aspx) to go from one page to the next.. How do I direct the...more >>

This may be a dumb question, but does anyone know where the Forms Authentication cookie is kept on an XP box? It definitely isn't kept with all of the other cookies in "Documents and Settings/Username/Cookies". I know Microsoft recommends setting the path as "/" in the Web.config, but wher...more >>

Hello all! I have been reading alot of post on this. I have doubled checked my permissions, and tried everything else, still no luck. Here is the setup. I'm running SQL 2000 on two machines, one developer edition, one standard. My develope is on computer "A" which is also where I have Visual S...more >>

Hi, I have a function in my webapp that the user push a button to get a URL to the page he's on. The prupose is that the user may store the URL and later paste it in to the adress field in IE. Since the appplicaiton uses FormsAuthentication the user is redirected to the login page if he i...more >>

We are in the early planning stage of a new web (ASP.NET) application, are currently determining the best strategy for managing users in this application. Our application will be a mix of internal (ie. company employees) users, external users (third party associates, etc.), and the general pub...more >>

Hi, I am using windows integrated authentication for my asp.net intranet application. basically, I have to pass the windows username & password to login to the Active Directory for that user to update his/her profile. I could get the name of currently logged-in user using: User.Identity.Name ...more >>

I am trying to dynamically load a dll which specifies different rules for evalution with the following code. DataRow dr = ds.Tables[0].Rows[0]; string fileName = Convert.ToString(dr["RuleLocation"]); assemblyInstance = Assembly.Load( fileName ); typeInstance = assemblyInstance.GetType( "MSF.St...more >>

Hi, I am using Web Matrix Project as .NET programming environment. Can you show me detailed steps how to import the .ocx library into the Web Matrix Project. I can't seem to be able to import other assembly than .dll, .exe or ..mcl . I am pretty new to the .NET programming environment, and ma...more >>

Passing true for the second parameter of RedirectFromLoginPage creates a persistent cookie. When does this cookie expire? ...more >>

Hi everyone. I'm creating an app that stores DB connection strings in the web config file. I'm using the MSDN resources at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmod/html/secmod21.asp and the related articles for help. However, when using the code in the above a...more >>

This is a multi-part message in MIME format. ------=_NextPart_000_0026_01C4D536.46D30000 Content-Type: text/plain; charset="windows-1255" Content-Transfer-Encoding: quoted-printable Hi, i use Forms authentication in my vb.net asp web application on the login page i set the authenticat...more >>

hi All In my appliction history.Back is working at my local host and woring properly but when i upload the apllication and run my appliction from web the history.back is not working please help me as soon as possible -- THANKS. Regards TARIQ. -- THANKS. Regards TARIQ. ...more >>

Is it easy and seamless to import html table and text from Photoshop to vs.net. when designing the website interface? Or is it a headache? ...more >>

Hi ! I am using Forms authentication in my web application , but after authenticating used it is again redirecting to Login page..... How to resolve that issue. Thanks Ankur ...more >>

Hi, I am using Windows 2000 and .NET Framework 1.1 and am using impersonation to pick up details from a fileserver. Normally this works however when we reboot our server the deligation of credentials does not work, it simply comes back with a "Access to the path is denied" message. To fi...more >>

I have one workstation which holds some text files and I want to merge these files into one text file and want to print data from merged text file into aspx page. The aspx is using local aspnet account which does not have access to shared network folder name (\\computername\folder). What is the b...more >>

Hi, I have an asp .net site which uses Forms authentification. In the Web.config -------------------------- <forms name="CommerceAuth" loginUrl="https://www.mysite.com/golden/login.aspx" protection="All" path="/" /> ----------------------------------------- When I click on any protected pa...more >>

I am trying to create a virtual directory using ADSI, with the following C# code: string Server = <srv>; string ApplicationName = <app>; DirectoryEntry root = new DirectoryEntry("IIS://" + Server + "/W3SVC/1/Root", adminusername, adminuserpass); // look up the virtual dir DirectoryEntry a...more >>

Hi There, I have been scanning the newsgroups for a solution to my problem and have found that a few others are also experiencing the same problem but none of the solutions provided to them seem to work for me. I have a native Win32 application (written in C++) that needs to encrypt some...more >>

I want to use FormsAuthentication and allow access based on role. I have a /Admin directory on the web app, and want to allow role "admin", but deny all other users. /Web.config: <authorization> <allow users="*" /> <!-- Allow all users --> </authorization> /Admin/Web.co...more >>

Hi ALL. I have the configuration: 1. WinXP PRO with MS IIS 5.0 and installed ASP.NET 2. ASP.NET application A configured to authenticate only users from local Users group. I would like to de the following: Logged on user is able through ASP.NET-Pages to change its own Logon ...more >>

When using Forms security, aren't all pages protected by default ????...more >>

Hello, I'm using Forms authentication, and it works well. If user is not authenticated, he is routed to the login page. However, this doesn't work for downloads. If I have a file located in the restricted area and put a direct link to it - anyone can download it. Why is this? I expected t...more >>

Am trying to automatically query and update DHCP servers via a web application with VB.NET. Testing with a privileged account, defined thus in web.config: <identity impersonate="true" userName="<domain>\<user>" password="<password>" /> Have also modified machine.config thusly, and restarted...more >>

I have a quick question about ASP.NET roles. I have the following in in Global.asax: protected void Application_AuthenticateRequest(Object sender, EventArgs e) { Response.Write("Request authenticated: " + (Request.IsAuthenticated ? "yes" : "no") + "<br>"); if (Request.IsAuthenticated...more >>

Hello, I got some sample code off the MSDN website on how to loop through a group in active directory and list the members. I can run the code from a console app but I cant run it from an ASP solution? I get the folowing message: "The specified domain either does not exist or could not be ...more >>

hi, i'm devoloping an intranet application based on ASP.NET and windows integrated authentication. how can i force the log out of a user to force the IIS to re-ask the credential to the browser? thx ...more >>

Hi All, Could anybody advise me for the following.. I want to restrict access to a subdirectory in an web application which has "integrated windows authentication". I have set the directory security for the sub directory for a particular group. But when the link goes to the page in the sub dire...more >>

This one just came out of the blue! One minute it is working and the next minute, it drops dead with the error below... =========================== Parser Error Message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error c...more >>

I have two sites on separate servers configured. When I query a page that returns information on security/user context, I get two different replies. On Server 1: HttpContext.Current.User.Identity Name IsAuthenticated False AuthenticationType WindowsIdentity.GetCurrent() Name MAC...more >>

I have been trying to move our web apps into their own AppPool so we can run it under a specific domain account and hit our DB servers. Whenever I change the identity of the AppPool to "DOMAIN\MyUserAccount" I get the infamous "Service Unavailable" page with the following event log entries: --...more >>

I was hoping that someone can give me step-by-step instructions to fix the following: We would like our ASP.NET application to utilize a central file server for uploads and downloads. I have tried creating a virtual directory to the external file server on the web server and just referenci...more >>

Why I always get 'Requested registry access is not allowed' when i try to Read/Write to Windows Registry from ASP service. I use ASP NET account? Also granted full permissions to required Registry keys. What is the problem? TIA ...more >>

Take the following directory structure: AppRoot (configured as a IIS Application) -> bin -> dirA -> dirB -> dirC login.aspx web.config Ok, what I want to do is controll access to everything in the appRoot and then, based on a role, allow access to dirA, B, C etc. I am currently...more >>

I've been working on a Web Part that can update Active Directory for some time. I'm trying to give SharePoint administrators the ability to add users (which requires the user to be in Active Directory before he is added to SharePoint). I also want to give regular users the ability to u...more >>

How can i read values from Machine.config From ASP.NET...more >>

Okay, maybe I'm just not seeing things correctly. I have an asp.net web application (framework 1.1) that only five people in the ProjectManager AD Group are supposed to see. I have the following issues: Even though I have: <authentication mode="Windows" /> <authorization> <allow us...more >>

I'm currently trying to strengthen up the security on a large ASP.NET application (a web content management system). The primary objective is to prevent people from evesdropping for passwords and other sensitive information, with a secondary objective of preventing Harry the Hacker from hav...more >>

We are developing an ASP.NET web application with web services which links (2 way) with the Microsoft CRM via its SDK using Windows Authentication. By using Impersonate=true in the app's and web service's web.configs, authentication works fine over DNS and credentials are passed in correctly. ...more >>

Hey Group, After a long week end I am back again. Its nice and refreshing after a short vacation so lets get started with .NET once again. Today we will discuss about Isolated Storage. This is one of the topics which I find interesting as I feel that it has a lot of practical usage or app...more >>

Hi, I have a login page which does not redirect the user once the code has been executed, see below. Whats strange is it works perfectly on my localhost when debugging, however it fails to redirect when depolyed to a remote server. Am I missing any IIS settings or anything? The login pa...more >>

hello can anyone help me making user in active directory , I wrote a code, but it could't work, could anyone correct it. thanks in advance. Sub example() 'Put user code to initialize the page here 'Try Dim AD As DirectoryEntry = _ New DirectoryEntry("LDAP://m...more >>

I'm having problems with WindowsPrincipal.IsInRole. It's returning false when it should return true. I've written some test code that uses reflection to call the private _GetRoles method of WindowsIdentity. That gets the same list of roles that IsInRole uses. It returns a long list, but ...more >>

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT09.asp I am following the above article to implement DPAPI User Store to store Credit Card Info in my database. I am doing exactly what the article says. I can encrypt and decrypt from the same machine but...more >>

Hi, I'd really like to see my intranet asp.net pages with other browsers, = but I'm having a problem when it comes to connecting to SQL Server. My = intranet site is configured with Integrated Windows Authentication & = Basic Authentication; anonymous access is disabled. I only get these = ...more >>

I've been toying with an asp.net diretory browser and have been trying to use system.net.webclient.downloadfile as a means to download files from the webserver to the local machine. However access to all paths isn't valid (for obvious security reasons). Is there a work around for this, or a ...more >>

Hi after read this article i wanted to try the security feuteres in .net. In the artcle they claim that you should use it eg. like this: [System.Security.Permissions.PrincipalPermissionAttribute(System.Security.Permissions.SecurityAction.Demand, User="Joe")] public void test() { // Some s...more >>

Hi, I am trying to access a mapped drive(its a clearcase mapped drive) using ASP.NET on win2003 server but am getting error as Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error ...more >>

Hi, I'm pretty new to security issues and understand that might question is pretty basic. But here we go: I have a simple webform app; In application root (Intepub\wwwroot\appname) I have a folder that contains a single text file. Only those who has an access(readOnly) to that folder(or ...more >>