Microsoft: If you email my passport account directly, I can give more detailed info & a telephone number to reach me. I've found that browsers can download dll's directly from my website's bin dir. In the following examples I've replaced my actual company name with "Mydomain" or "Mycode" etc. ...more >>

Hi, We're using the IExtractImage interface from behind a .NET web service to generate thumbnails for various files in our network (windows domain). Impersonating etc. is all ok - if a user logs into the web service we can open the file, delete the file, etc. Everything behaves as expected. ...more >>

Hi there, Here is a scenario that I 've been asked to look into. Can anyone comment on this... I have a Web App that uses forms authentication to secure sections. Say for example that a user is logged in and authenticated to use secure sections of site. User then proceeds to navigate to some s...more >>

Hi all, I'm creating a web application that attempts to restrict access by checking the IsInRole function for the desired roles. This works for accounts that are local to the machine, but for some reason when I use a domain account that is not local, there are no roles available. When I ins...more >>

Hello. Running IIS 6 and ASP.NET, the only way an application can access SQL Server seems to be as "NT AUTHORITY / NETWORK SERVICE" (or an alias specified in the <identity> element within "web.config"). This is analagous to the "ASPNET" user for IIS 5 and ASP.NET. In a secure (SSL) web run...more >>

Hello, I have a web application that uses forms authentication. I have been asked to implement a feature that logs users out automatically if they navigate to a page outside of the secured portion of the web app. This request means that cookie timeouts won't work, it needs to be an instant thing...more >>

Hello, I get the following error when executing an ASP.NET-Web-Application. The Network-Service has acces to the Temporary ASP.NET Folder, also he has access to my WebRoot-Folder for the application. What must I do that the Application can run without this error. On my developer machine ev...more >>

Hi, I'm working on a webapplication, most part is for anonymous access, but for one part login is needed. All the files after login are in one particual folder: "/login". Usernames and passwords are stored in a tabel on SQL Server. The loginpage and Web.config are in the root of the web. ...more >>

I have a webservice under IIS6/Win2003 Server. When I try to invoke a method that have a strong type dataset as parameter for update in database I receive on the client the follwing error: Http error 413 request entity is too large. I mention that this dataset is very large (about 1 Mb) and ...more >>

does vb.net allow for locking the vb app? i.e., similar to leasing the sw where the user has to contact the developer on fixed intervals for a licensing code to unlock the software? also is there a dll for web sites to release the license code via web page or even directly from the vb app? ...more >>

Hi, I am reading directory information (directory name and size) on another server. I am impersonating a user account via web.config. This account has admin rights but I get this: "Exception Details: System.UnauthorizedAccessException: Access to the path "\\crwfs1\projects13\HR Test" is denied....more >>

Hello, I'm a little uncertain about what I'm asking so please be gentle. I (think) I want to be able to identify and authenticate the currently logged on user against the Active Directory. We have a 2000 domain server and 2000 clients on our network. The idea behind it all is am storing d...more >>

do you know why if i've got an entry in the web.config like this: <location path="Reportistica/Cruscotto"> <system.web> <authorization> <allow users="Domain\MArio"/> <deny users="*"/> </authorization> </system.web> </location> it works instead if i've got an entry ...more >>

I have a partner company that has a web site that I need to gain access through the web site in my company. I need to be able to log into my site and then have somekind of way to then access this other site that also requires a login in a way that allows me to pass a set of credentials to this o...more >>

Hey all, Working on revamping our Intranet here and making use of the LDPA, Active Directory, Directory Services, etc. that .Net provides. I am still fairly new on this subject, so the problem I have run into I am not sure how to fix, and really not sure what is causing it. Here's what is...more >>

Hey all, I would like to preface my question by stating I am still learning ASP.net and while I am confident in the basics and foundation, the more advanced stuff is still a challenge. Ok. :) We are looking at redoing our entire Intranet, starting over from scratch, as a .Net websi...more >>

Hi, To start with, i'm not too sure if this is the right group to be posting in so please let me know if these is a more suitable one. I am trying to get my head around the mechanics behind .NET web applications accessing SQL databases located on another pc. My current scenario is that both...more >>

What's the different between using UseDefaultKeyContainer or UseMachineKeyStore. Thanks, Johanna Espinosa L. *** Sent via Devdex http://www.devdex.com *** Don't just participate in USENET...get rewarded for it!...more >>

I'm using and overloaded RSACryptoServiceProvider rsa = RSACryptoServiceProvider(CspParameters cp) indicating the container name through cp.KeyContainerName property, but I don't understand what different make to stablish PersistKeyInCsp option to true and how to identify if the container alread...more >>

Hello, I'm just a beginner so please bear with me. I have two csharp projects under one solution and I'd like users to hit the login page and get redirected to a solution depending on their id is. I'd appreciate if someone can post some examples or give tips. thanks ...more >>

Hi there, In forms based security do I have to arrange pages into subdirectories in order to secure them? I want the public to access my home page and public content but want to restrict other content only to those for whom I've granted a userid. Seems like I must organize all the private...more >>

This is driving me nuts: I've used this same exact setup (web.config, see below) before without any problems... the authentication does not stop at the logon page AT ALL. I've put breakpoints in it to be sure, plus, there's no code at all in my Load event handler for the Logon page. It seem...more >>

Our site will allow uploading of files to the server. What technique would I use to check for viruses? Do the anti-virus vendors supply an API? If so, is there a common API they all share?...more >>

Hi, Can a .NET application make use of the information within the Active Directory in order to Authenticate and Authorize users? For example users from a specific group have been authorize to use a number of features in the application while users from another group have not. I know t...more >>

Hi I am trying to set up an asp.net application where I want the client to have to provide password and user name everytime so do not want to put the cookie file on the client machine. Just wondering if there is a way to do this? I am thinking of using forms authentication, I will be using a datab...more >>

value="\w+([\{-\~\[-\' -\&\(-\+\:-\@\/])"...more >>

Hi, I am trying to make a request from a web service to an external site which uses https. I have a certificate (.p12 format) from them. I have performed the following steps: 1. Exported the certificate to DER encoded .CER file. 2. Imported the certificate into the Trusted Root CA of the...more >>

Hello, all. We are interested in moving to ASP.NET from ASP, and wanted a few questions answered for those in our department somewhat uneasy about new technologies -- one particularly important one having to do with security; we're keenly interested in building secure applications in the face of ...more >>

Hello all. I'm writing an application that is writing trace information that can be viewed in trace.axd. I would like to rename this and use a different name specific to my application. I know the name of this is set in machine.config. I was hoping it would be possible to change this in web.co...more >>

By example Client token = new UsernameToken("juan", "1111", PasswordOption.TextPlain ); Server protected override string AuthenticateToken( UsernameToken token ) { ncadena = '1111'; return ncadena; } This sample go well but if the passw...more >>

OK - I know this subject has been hased out many times before but I can't seem to figure this out. I have a Web service that needs to write to a logfile. The log is an XML file that is located in a subdirectory "logs" that is located under the application root. I have granted the local ASPNE...more >>

I installed VS.NET 2003 on an XP/Pro Client. Also, MSDE 2000A. This configuration works fine. When I attempt to use another SQL Server on another machine I get one of two messages: 1) Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection. (If I used Wi...more >>

Hello, This seems to be a common question, but all the posts I see do not have a clear answer. Here's an excerpt of my WebPart code: ************ Imports System.IO Dim oFS As FileStream oFS = File.Open([PermPath], FileMode.Open) If Err.Number > 0 Then ... ************ It compiles fin...more >>

Hello peoples this is a question regarding security of windows application I want to add another property (the UserID) to System.Security.Principal.IIdentity My code looks logical (at least to me) and does show the property 'UserID' in the Intellisense But when I try to use it anywhere throughou...more >>

I have a VB6 Windows Form application that calls a VB.NET Assembly. I can successfully call any test method in the assembly (like return "hello world"), but one method in the assembly uses calls to System.Web.HttpUtility.UrlEncode. That causes this error to be returned back to the VB6 app: ...more >>

Hi, I need to verify that a certificate is coming from a valid certificate authority. Does anybody know where I could obtain a list with that information? Thanks, cj ...more >>

Please pardon my ignorance with this one, but I am pounding my head against System.DirectoryServices and have an idea. Why not simply turn off "Anonymous User" access to my website, and let Windows provide the login of the person viewing the page through a call to Request.ServerVariables("LOGON_...more >>

Hello there! I have developed a .net web application. In this I am having some .aspx files and one web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (wi...more >>

Hello, I didn't know where else to post this. If this isn't the right group, could somebody point me in the right direction? We are using the HttpWebRequest object within a winform app to connect to a vendor. This vendor requires us to perform some validation on the client certificate fro...more >>

Ok I admit to being new at this and having problems getting my head around IIS. So if you can help me I will much appreciate it. I have a login page with a hyperlink on it that directs to a page for new users to enter their details. When you click on it the the browser does not go past the logi...more >>

Hello I'm trying to play with impersonation. I added an identity tag both with and without the userName/password attributes and I get this error on my workstation ------------------------------------begin-------------------------------------- Error while trying to run project: unable to start d...more >>

We have some/few visitors to our site who can't login to our Secure area of the site and have been able to in the past. We just upgraded our web server and for about a day we had certificate problems and it was prompting people whether they wanted to trust the certificate or not, I'm possibly th...more >>

How I can issue web forms authentification cookie that can be used by both applications located on same server(server wide asp.net cookie)?I've one users' domain but asp.net encrypts .ASPXAUTH cookies differently for these two applications What can I do with it?...more >>

How to exclude an aspx page from the Forms authentication of a asp.net web application. It means when ever user requests for that page it should not redirect the request to a logon page to collect credentials. I have forgot password page which needs to be accessed by the user without authentication...more >>

I am developing my ASP.NET application with VS and the ASP.NET server on the same box. When I attempt to access protected (in web.config) pages locally, inside or outside of VS, it incorrectly lets me in without asking me to log in. On a remote box, it behaves correctly. I have other apps on tha...more >>

Hi All I am quite new to asp.net and have been following an example of using Forms authentication on a web app. I believe that i have coded this OK but when i enter the username and password I do not get redirected to the start page (webform1.aspx) here is my WEB.config <?xml version="...more >>

Hi, I have a web site that uses normal windows authentication. I have a web service on the site that i want to configure Forms Authentication for, but it obviously doesn't fire unless i change the setting in web.config. is it possible to use formsAuthentication only for the web service? i t...more >>

Hi I am trying to add a user to a group in Active Directory using System.Directory Services But when I CommitChanges() I get the following exeption: (In swedish, I use a swedish version of XP-pro) "Egenskapen TxIsolationLevel för den COM+-komponent som skapas är starkare är TxIsolationLev...more >>

Hi We have a requirement to process "digitally signed" XML-based software licenses using an ASP.NET web site, hosted on an ISP server. I read an excellent article (http://www.codeproject.com/dotnet/xmldsiglic.asp) describing how to produce key-pairs, create a key container and then use these keys t...more >>

How do you add new users programatically using Forms Authentication in ASP.Net? There must be a way to do this besides editing the web.config file by hand or attempting to modify the web.config file using an XmlDataDocument. This is a requirement I have to meet for a project Admin users must ...more >>