Hi , How can I clean user inputs to protect sql injections ? ...more >>

Hi All, I have an intranet application that uses ASP.net Windows authentication. It has been working flawlessly for the past year. Recently, one employee has experienced a problem accessing the site. *When the user first re-starts his computer and connects to the site, it recognizes him a...more >>

Hi I have a site that runs in an intranet environment, therefore the authenication method in IIS is 'Integrated Windows authentication' and no Anonymous access. In my web.config <authentication mode="Windows" />, works fine. We want to release the site to the internet whilst maintaining...more >>

Hello all, I have a problem with retrieving roles. In the login form, I do the following things; - Retrieve roles (string, format like "Administrator|User|Guest") - Create a FormsAuthenticationTicket with these roles as parameter - Crypt the thicket, create a cookie with this ticket - Stor...more >>

System.UnauthorizedAccessException: Access is denied. at System.DirectoryServices.Interop.IAds.SetInfo() at System.DirectoryServices.DirectoryEntry.CommitChanges() at CreateVirtualDirectories.Dal.CreateWebVirtualDirectory.Create .... tried on the local development box and it had...more >>

I have a problem that I've spent a considerable amount of time researching and still haven't quite found the answer. I have an intranet web server in Domain A if Forest A. This server contains a website which in turn contains two files TestAccess.html and TestAccess.aspx. Both files have sec...more >>

Hello, Here are 3 layers of my web application (3 tier architecture) UI (ASPX using C#) Business Layer (C# class libraries) Data Access Layer (C# class libraries) Any ideas how to strong name a ASPX web page (UI)? Since ASPX assembly is technically not compiled until JIT, I even wonder i...more >>

HI I donot ahve any idea how to proceed. but my requirement is= somehting like if the user click to the logon button on a= webpage automatically he gets logged on with his name. how can= this be achieved? i donot want to authenticate him thru userid= and password. I just want to take his...more >>

Hi everybody, I've seen many examples of web.config file where I can give permission to users or roles, for example: <authorization> <deny users="?" /> <allow users="*" /> <allow roles="admin"/> </authorization> I want to use "form autentication" but I don't know how to creat...more >>

Hi. I am using forms authentication in ASP.Net against Active Directory. I have followed the example provided by Microsoft. Here is my problem. Standard practise for AD Administrators is to flag the account to change the password when he logs in. Also that passwords expire after 30 days. ...more >>

A short and hopefully simple question: I'm using log4net to log to a text file. The text file is located in the root of my webapplikation. How do I restrict access to this file? Thanks. Nikolaj...more >>

Hi, Are there limits to asp.net impersonation? I'm using CrystalReports.Net to print from an asp.net application. Although my diagnostic Label3.Text= System.Security.Principal.WindowsIdentity.GetCurrent().Name; indicates I have configured impersonation correctly, <authentication mode="...more >>

I am developing an application over the web(intranet app). Now my problem has to do with secure communication between browser and webserver. I want to enable secure communication using https. Are there any alternatives other than buying certificate for virtual directory ? Thanks for all yo...more >>

I am running IIS6 on a Win2k3 server. I have an ASP.Net app (C#) that a user logs into and then I use LogonUser to validate them and log them onto the server. I have Windows Authentication ONLY checked on the site in IIS. My problem is that eventhough I am using LogonUser to log on to the ...more >>

I am trying to connect to a Microsoft Access database, located on a different server. I am using ASP.NET and the code I am using works when run from my local IIS, but it does not work when I deploy the project to the web server. The database is not on the web server or my local machine. I a...more >>

The user has indicated that the application seems to be kicking her out, even though she is sure that she is submitting a form faster than every 30 minutes. I thought that I had set the Web.Config on the ASP.NET application to time out after 30 minutes of inactivity, but maybe I don't have som...more >>