From googling my problem before posting, I learned that this seems to be a very common problem with Web Services and dotnet. I read through countless articles and suggestions but still could only find one way to fix my problem, which IMHO, is not acceptable. First let me explain what's happen...more >>

hi i created a user in sql server under login then i went to the database and under users i added the user and them gave the user permissions to select from the tables and execute the stored procedures but when i try to pass the user in my connection string i ge Access to the remote server is ...more >>

Hi! I'm just curious about the use of cookies in forms authentication. The username and roles are stored in the encrypted cookie, but if a user manages to crack this cookie - will he be able to modify his own username and roles? Why doesn't ASP.NET simply use an ordinary session, with nothing ...more >>

Hi, I'm experimenting with forms authentication which I've got working (it's based on some technet stuff.) One thing however, is confusing me. A cookie is created based on the authentication ticket and there seem to be a number of expiry/expiration values. There's one in web.config in ...more >>

Hi guys, I was wondering if anyone knows if the .NET framework has a library or methods that I can use to diallow users from entering HTML tags and more importantly JavaScript into textboxes and being stored in the database. Thank you in advance. Henry ...more >>

I created a simple aspnet application which contains an imagebutton object. The imagebutton's ImageUrl property is set to : images/myimage.gif (the myimage.gif file is present in the /image subdir of the application folder) The ntfs permissons on the application folder as well as on /image ...more >>

We have developed two sites that both use forms authentication and have objects with custom principle interfaces and identity interfaces. I would like to use the same principals for both sites and load behind the scenes I have tried the following scenario 1) Create a web service that automtical...more >>

Our network policy is that passwords must be changed every 90 days... so 14 days before the password expires the user begins to get prompted to change their password....once this prompt begins, most of the web applications I have written in Visual Studio .NET begin to break. On some of them, ...more >>

I would like to store some Role Information in a cookie since I cannot use Session in the AuthenticateRequest method. I thought of encrypting the cookie using Rijndael Algo. for provider. I would generate a 16 character key store it as a Cached object and replace it every 20-30 minutes, if the...more >>

I have written a webform page to respond to a users post on the web site. This worked on the test site which had anonymous turned off. I then moved it to the regular web site (copied the files, reinstalled the FP extension) and chaged the setting for anonymous use. but when I try to post the form...more >>

I had many ASP.NET web applications that I created before I had to rebuild my machine. After a fresh install of XP Pro, VS.NET 2003, etc, I now get the following when running them. Note that I've already added the following to the web.config file just before the <appsettings> section: ...more >>

I am developing a asp.net web based service application for our product I am trying to trigger a reboot of the server based on a user request I believe I have all the appropriate code for AdjustingTokens etc an all those calls seem to succeed, however, the final call to ExitWindowsE is failing w...more >>

I'm trying to get the PathInfo propert for the current URL request in a class file, but I can't get it to work. Here's what I've tried so far: using System.Web; String PathInfo; PathInfo = HttpContext.Current.Request.PathInfo(); I've also tried "using System.Web.HttpContext;" It gives ...more >>

I am using ASP.NET and Access as the database. I would like to use role-based authorization for the login page. Can anyone help me?...more >>

I have an app that writes to a custom event log (which is created at install time with a custom installer DLL). My app writes just fine to this custom log when running on Windows 2000 Server but when I try to run it on Windows 2003 Server I get "Access denied" errors. I'm using impersonation ...more >>

Hi, Apologies for cross posting like this, but I wasn't sure on the best group to post to and I didn't receive much of a response to my original email in microsoft.public.dotnet.framework.aspnet.security. My application currently has a rather large security hole in it which I need help with a...more >>

Hi folks, I hope to get some of your advice on an authentication question that came up during the planning of web app. I'm a bit new to asp.net, so if you can offer some experience, I'd greatly appreciate it! I like form-based authentication because the usernames and passwords can be store...more >>

I've tried with a simple program in vb.net but when i'm going to decript in my messagebox appears this message: PKCS7 padding is invalid and cannot be removed. I've found this few lines of codes in this site: http://www.dotnethell.it/articles/article.aspx?ArticleID=93 I've trasform in vb.ne...more >>

Hi Everyone I’m working Windows 2000 Professional with IIS 5.0 and Framework 1.1. In my current project, I had to use Windows Authentication. The problem is that even if I use right credentials, the LogonUser Function (P/Invoke) always return false. But if I uninstall ASP.NET 1.1 and then try ...more >>

hi all i just set up a new win 2003 server with framework 1.1 (on old server 2000, all worked fine) i gave the following rights to the following users: e:\wwwroot aspnet read, execute, listing e:\wwwroot\web aspnet read, execute, listing i didnt touched the rights automatically...more >>

All, When i use .net FRamework 1.1, for my web application, i get an error saying "A potentially dangerous querystring was detected from the client...." I have read the posts related to this and it seems this is due to some SECURITY FEATURE in 1.1!!! My code used to work in 1.0!!! now when t...more >>

Hello all Is HMAC-MD5 supported on the .NET 1.1 framework? Some of the information that I have come across seems like it indicates that it is not supported What I am trying to do is to generate a trust_key based on this TRUST_KEY = HMAC("MD5",Secret_key,user_id), I am not sure how to implement t...more >>

Hi there everyone, I'm new to this newsgroup so I hope you don't mind me just asking a question, but it has been working me for way to long now and I need some help. I'm fairly new to ASP.NET and VB.NET but have been cramming for weeks now and hit a snag.It has to do with forms authentication in ...more >>