Configuring Windows Auth & Forms Auth in Asp.Ne Hi, I've configured a web app to use windows authentication and also set up two separate subdirectories to use forms authentication. It appears to work fine but I have never seen a sample that demonstrates both in the same web.config and I don't like ...more >>

Hello all I wonder if the great and the good of this esteemed forum might shed some light on a problem of mine... Three servers in a domain: one Active Directory server, one SQL Server and one IIS. IIS hosts an ASP.NET Web Application which requires that users log on through a web form, are...more >>

Hello; having similar ASP=2ENET security issues=2E Upgrading a number of ASP classic apps to =2ENET and have= everything done but cant figure out how to get the security to= work correctly=2E Under the ASP Classic implementations security was NT Groups= based=2E Various Groups were crea...more >>

hi, i am using 3des encryption with a secret key to send information between 2 aspnet applications. they both know the key, which is a hard-coded string. i have read about using aspnet-setreg to securely store such a value in the registry, but i have a different query. if i open the dll in note...more >>

I am trying to create pages that are viewable without a login, but if a person does login I want certian pages to display customized content. For example, I have a calendar page that loads up to anyone. But on the same page I want to restrict showing the hyperlink to "Adding a calendar Event" to so...more >>

Hi I am looking for a way to ensure that an asp.net site (using forms authentication) performs a sign out automaticall after a period of time where there has been no activity by the user Any ideas would be appreciated Jonathan....more >>

I have aproblem. I develop my asp.net site at my pc (named PCMANOS)(running IIS) and I have the SQL Server at another pc (named ATHDC). I've already created an IUSR_PCMANOS user account at ATHDC and I've given the appropriate priviledges to read and write from the database. When I test the site f...more >>

Dear Sir, I want to change password of users in active directory by asp.net form.this is my code, but i recieve error could anyone help me to solve it. thanks Protected WithEvents newpass As System.Web.UI.WebControls.TextBox Protected WithEvents btn1 As System.Web.UI.WebControls.Butto...more >>

Hi, I have a problem in that I have 2 applications writing to the same Database. One App is web based and the other is windows/forms based. Both have the same job in that they can reset a users password in the database. Both are using SHA1 encryption however they both ghive different results wh...more >>

Currently I have succesfully implemented role-based folder security using roles and web.config in each folder. This works great - if a user is not authenticated or a member of an allowed role, that user cannot access the resource (woohoo!). When the disallowed user tries to access the resource, ...more >>

Hi all, By default .cs files are protected from downloading by adding ".cs" to the HttpForbiddenHandler in machine.config. How to ALLOW (exclude from HttpForbiddenHandler) a specifig file (myfile.cs) to download ??? TIA Dan Ackermann ...more >>

I posted this message in dotnet.framework.security, and was told to repost it her Alright, I've been trying to figure out the solution to this problem for a few days and I'm officially stumped. My web app server, Machine A, needs the ability to create a file(xml) on my db server, Machine B. The...more >>

Hello=2E Here's my problem=2E I have an e-commerce site with a= login & checkout pages needing to be secure=2E To enforce these= pages to be ssl I simply put in the page load: If Not Request=2EIsSecureConnection Then Response=2ERedirect(Request=2EURL=2EAbsoluteUri=2EReplace("http:",= ...more >>

Hi, I am using the fairly standard code below to do my forms authentication ticket and redirect, however, I am finding that once successfully logged in, I don't get another log after I close the browser. Is there something I need to do to let it know that if the browser closes they should ...more >>

I'm reading myself into security and ASP.Net. I have written some demo code and now I'm wondering how you deal with exception handling when you use declarative security I have a method with the following attribute [PrincipalPermissionAttribute(SecurityAction.Demand, Name="Patrick")] priva...more >>

(Type your message here) I have the same problem when executing the code below. It returns me a "126" error from kernel32. Dim sContainer as String = "sample_example_key" Dim sProvider as String = "myprovider" If Not (CryptAcquireContext(lHCryptprov, sContainer, sProvider, PROV_RSA_FULL, 0))...more >>

Hello, I am having a permissions problem when creating a directory. The relevant bits of my code look like this: // impersonate current user: WindowsIdentity ident = (WindowsIdentity) HttpContext.Current.User.Identity; _context = ident.Impersonate(); _name = ident.Name; _isauth...more >>