I am running Windows Server 2003, Visual Studio 2003 and SQL Server 2000. I created a simple data access page but I am getting the following error Login failed for user 'NT AUTHORITY\NETWORK SERVICE Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\NETWORK...more >>

Reposting as a MSDN subscriber... Hi, I am trying to make a call to a web service using HttpWebRequest. HttpWebRequest finds SSL server cert from the 'Trusted Rooot CAs' store of 'Local Computer' but it does not seem to find SSL client certs from the 'Personal' store of 'Local Computer'. If I ...more >>

When I try to debug an ASP.NET application, VS.NET pops up saying "Error while trying to run project: Unable to start debugging on the web server." and "Click Help for more information." When I look at the IIS logs, the DEBUG verb is returning a 401 error. Here's what I've tried: 1. Checke...more >>

My company has been using Site Server 3.0 with Personalization and Membership to both control access to our ASP based site and to provide user attributes to all of our ASP pages based on the logged in user. This was all pretty automatic in P&M and ASP. We are looking to move away from this and...more >>

Hi, Why following code returns exception: System.Web.HttpException: Session state is not available in this context. Do i have any other alternative? Thanks, Ali protected void Application_AuthenticateRequest(Object sender, EventArgs e) { if (!(HttpContext.Current.User == null)) ...more >>

Hi We have a .Net web application on Windows 2000 Server with IIS 5.0. We need to authenticate through "Active Directory". Can any one help me out or give pointers to configure IIS to authenticate using "Active Directory". Quick response will be greatly appreciated Thanks and Reg...more >>

Hey I'm a bit a newbie when it comes to asp.net and every site I have visited has just lead me in circles. what I need is just a simple login thing that checks your username against a XML file that stores username pass and then grants access to the restricted site if some one could show me a s...more >>

I am trying to create an account that my app will use for impersonation. I used aspnet_setreg.exe to create the encrypted values for username and password, and set my <impersonate> tag accordingly. I have also (temporarily) given my asp.net service account local admin access. I still get "err...more >>

Hi, I just set up a new box and am trying to get into a web project. I moved from Windows 2000 Server where this app worked fine. Now I get this error message when opening the solution file: The project location is not fully trusted by the .NET runtime. This is usually because it is either a ...more >>

Posted this several days ago, no responses. Trying again... Anyone know of a .NET utility that can mimic NT password creation, obeying certain complexity rules like: 1. Password can't contain any part of email address 2. Password can't contain any part of username 3. Password must have 3 of...more >>

Hi, I try to use roles in a ASP .NET application after users are athentified in this way : Dim sRoles() As String = {"User1", "User2", "User2"} With Thread.CurrentPrincipal Dim gi As New GenericIdentity(.Identity.Name) Dim gp = New GenericPrincipal(gi, sRoles) AppDomain.CurrentDomai...more >>

I'm having a wierd problem using HttpWebRequest/HttpWebResponse when posting to a third party server via https to process credit card transactions. The WebException (SecureChannelFailure) I am getting occurs during the call to GetResponse() (see code below) and returns the message 'The underly...more >>

Here's what I am thinking: We have a corporate domain. And I don't want to have to get Corp IT involved whenever I want to add an outside user to one of my applications or change someone's roles. So, how can I have my own domain I would like to be able to support internal Corporate accounts as wel...more >>

Hello, Can anyone suggest how to handle th following problem: 1. I've changed userName and password attributes in <processModel> in machine.config to make aspnet_wp.exe run under my local account. 2. But now the following code in my .aspx fails with exception: using System.Web.Mail; Sm...more >>

I made a web service which comminicates with a smartphone. On the server the web service writes some files, and the client should download them. But the files the webservice wrote have no read/write rights, so the client is denied to download them. How can I add read authority to a file I crea...more >>

hi all i want to prevent Multiple Logins on my asp.net application! i dont want that a two users can login with the same username and password how may i do it? pls send details thx in advance ...more >>

I have an app that would normally return only a few hundred or possibly a couple of thousand records at once. Right now I have a page view that allows the user to see one record at a time and navigate the RS using First, Last, Next, Previous. Of course the navigation is all on the back end. I...more >>

NT AUTHORITY\Network Service is the account used by default to run ASP.NET in Windows 2003, how may I change this account in order to use other custom account? ...more >>

Hi, I am still confuse after reading MS documentation on how Constrained Delegation works and hope that someone enlighten me. Here's one of my confusion. Servers: IIS FileServer Windows 2003 functional level domain. Running a ASP.Net file upload web application that upload files to a...more >>

Is the a security reason why microsofts example for forms authentication retrieves the authentication ticket from the cookie at every request rather than just retrieving it from the current identity? I know the problem about authentication issues between sites if the form name is the same. But is th...more >>

What is the easiest way to troubleshoot security issues? I'm trying to set up a delegation secnario, which I wrote an question about yesterday. Something isn't working in it, but I feel kind of helpless to even know if what I think I set up is actually what is happening in the background. Fo...more >>

I am trying to implement a Secure Intranet using asp.net and Windows authentication. I've set the web.config file as follow <authentication mode="windows"/> <identity impersonate="true"/> <authorization> <allow roles="domain\admin"/> </authorization> IIS has anonymous access disabl...more >>

Hello! I am trying to figure out in C# how to force a server to refresh its list of security groups from an Active Directory. I can not modify the registry or change the default group policy refresh interval set in the domain policy (Q203607), and my application can not wait 90 minutes fo...more >>

I've developing an ASP.NET C# web application and until recently, everything was running fine. Now, if I File.Delete on a file in a specific folder, I get the 'Access to path C:\inetpub\wwwroot\pages\forms\training.doc is denied' error However, it is only on this specific folder. If the code execu...more >>

Every time i convert a form from vb6 to vb.net and then open up the newly converted project, all the controls are shifted to the top left of the form. This happens only when in design mode, in the actual code and when the applicatin is run, the controls are displayed in the right locations. can ...more >>

I'm writing an asp.net intranet application that allows the current user to manage their user folder on a shared network drive on the same domain as the webserver. These user folders have permissions set up for the current user. From what I understand about IIS/Integrated Windows Authenticatio...more >>

Hi, I have a default page which allows the Users to enter their credentials which provided they are valid they are allowed to move to subsequent pages within the web site. Now I see that it would be far better to have a default screen that anyone can go to, where subsequent access can be tw...more >>

Access is denied. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.UnauthorizedAccessException: Access is denied. AS...more >>

In my ASP.NET (C#) application, I can use = HttpContext.Current.User.Identity.Name to get the name and domain (e.g., = DOMAINNAME\USERNAME) of the logged on user. But I can't seem to figure = out how to get that users' Windows groups (i.e., I need to get a list of = all the Windows groups that ...more >>

Thanks for your answer! But i have another question. Tow types roles is an simple example. If i have 1000 roles,and i want to display his role name in my page.How to??? like: You are vip user or You are mov user or You are xxx user .... .... .... Can i do like this? if (User.IsInRol...more >>

Hi! In a nutshell I am attempting to do the following from my ASP.NET application: I want asp.net to act as a different user than the one that is currently logged on when performing request on server resources (calling mid-tier, SQL Server, file servers, etc). The following i...more >>

Hi, Using Forms Authentication, I have all my users and role definition in two tables on sql database. Considering recommandations in Microsoft Knowledge Base Article - 311495, I have a performance concern!! Based on my underestanding, upon every page request, Application_AuthenticateRequest...more >>

Hi All I have written a website in DotNet (C#) which uses Role-based Security with Forms Authentication When a user logs in, their roles are retrieved from a SQL Server database and an authentication ticket is created. My only problem is that a User should only have to login every few mont...more >>

I'm getting a little overwhelmed with security with a problem I'm having. Basically I have a network share on a separate server than my web server that I need to access from an aspx page. This is an intranet application, and every user will be using IE. I've disabled anonymous access on IIS, an...more >>

s there any possibility to redirect user (after having authenticated him to some custom aspx page, not the original that he requested and whic caused him to be shown the logon screen now, when I call if(IsAuthenticated(user,password) FormsAuthentication.RedirectFromLoginPage(user,false) ...more >>

I am complete new to ASP.Net and still trying to find my way around, and all help is appreciated. I am using FormAuthenication to secure a web application I am building. Every pages (barring a few expecptions) are secured by using Authentication and Authorization tag in web.config. My probl...more >>

I have been searching for an answer to this in vain. Currently we have a hard coded SQL account for all of our ASP .NET applications. We want to use an SQL Server trusted connection instead. In the documentation I find that I can map all users to a single domain user such as the following <identit...more >>

Is there a way of calling a web service with client certificate authentication with managed code only? The problem is how to easily extract the certificates from the certificate store owned by the user/process running the client web service process. best regards kåre ...more >>

We are having a strange problem with NT credentials being lost while accessing another resource on the same server. Here is the scenario: Step 1 ------------- Client A makes a call to a method in a C# DLL that resides in Server A using Windows Auth (correct settings in web.config and IIS...more >>

Hi, My web site uses a form authentication : all pages are protected except home page (to log in). Everything is ok in development step but when I install the site on our customer server : - everything runs good when i access the site from the server (http://localhost:port) - I can'...more >>

Hi all, I've been scouring the newsgroups hoping to find an answer here. I have an site in IIS that uses integrated authentication. When I run my code on my development machine, it works. When I post the code to my webserver, I get the subject named error. If I physically go to my webserver ma...more >>

It's posible to use Forms Authentication and a Custom Principal? I noticed that all methods related to FormsAuthentication are assigning automatically the HttpRequest.Current.User (Principal) with a GenericPrincipal, I'll like to use my own Principal without loosing the benefits of FormsAuthenticat...more >>

I have a new computer with XP professional. NTFS is enabled along with the simple file sharing disabled. When I run a asp.net program that writes out to an xml file I am getting the following messag Access to the path "C:\Inetpub\wwwroot\DotNet\MoviesAmusements\MandA.xml" is denied I have gone...more >>

I design my project base on roles FormsAuthentication. with following config: <location path="other"> <system.web> <authorization> <allow roles="vip"/> <allow roles="mov"/> <deny users="*" /> </authorization> ...more >>

Hi all, I have a web site which is currently protected by forms authentication which is working fine for the main part of the site. Within this web site though, I have a directory called "Admin" which contains classic asp pages. I would like this directory to be behind the same authentica...more >>

I want to prompt to my asp.net application clients to renew their forms authentication ticket before it expires, any suggestions. Thank you for any help. Justin...more >>

I'm having trouble with my security model, and I was hoping I could find = some help. My ASP.NET app (that uses RS) is going to be running in an intranet = environment. So, to develop and test it, I have installed everything = locally (i.e., IIS, RS, SQL Server, VS .NET 2003) on my Win2k Serv...more >>

Hello I can't seem to get IIS to work on my Windows XP Professional PC. I'm getting the following error in IE: "[code=CANT_CONNECT_LOOPBACK] Cannot connect due to potential loopback problems" I formatted my drive, installed XP again, and then installed IIS. I'm getting the same error Could so...more >>

I have the following aspx and code behind to put a checkbox in repeater. There are several problems: - CheckBox2_CheckedChanged works well. But I want to know who is being checked, i.e. how can I pass userid back as an argument? (I can get checkbox client ID or checkbox text, but they do not ...more >>

My custom role-based authentication was working before and now it stopped working and it drives me crazy because I have no clue why. Here's the scenario: I am using a single login page for multiple web applications across different servers. The login page writes a cookie containing the us...more >>