In Asp.net forms authentication. In order to restrict certain files from anonymous users the settings in web.config should be <deny users="?"/> which will not allow anonymous users. My doubt is, Though .NET classes are able to detect the difference between the anonymous users and authenticate...more >>

We have deployed an ASP.NET application on 20 servers in different locations, and it is used daily by about 300 users around the country. Every couple of weeks at one location or another, users cannot get into the application. The Default.htm redirection page displays, but then, instead of ...more >>

Hi, I am trying to create a site that will be used by both employees and external users, so both types of users trying to access the same pages. In the case of an employee on the intranet, authentication needs to occur via Windows integrated authentication. If the user is NOT on the intra...more >>

Hi, I'm working on a web application using asp.net, vb.net and SQL 2000. I'm using web form authentication to control the access of the application. I'm trying to force the user to go back to the authentification page after a timeout occurs. The Session seems to expire but the cookie (no...more >>

I've done a ton of searching on this error and have not found any solution that actually solves the problem. My environment is Windows XP Professional with SP2. I'm using VS.NET 2003 and .NET Framework v1.1. I created a brand new ASP.NET application to ensure that some other aspect of my re...more >>

I am working on asp.net application what should I do so that if any user directly types the url other than "mainpage.aspx" of my application, he should be directed to "mainpage.aspx". I am managing user access by enabling and disabling the links on the web page depending on the user. cheers...more >>

Hi, I am trying to work out how I can find the number of users in a role. So that I can lock the application after a certain number of users are added to that role. Does any one know of decent reference material in dealing with windows users and roles? Cathie ...more >>

I want to display the user's Windows Login ID on the webpage designed in ASP.NET using VB.NET. Can someone give some sample code to do this. I am desperately looking high and low for a solution. With warm regards, Dolphus Pereira -- dolphusp ------------------------------------...more >>

Hi everybody, I made my first ASP.Net application and deployed it. There came an error on the server: What may be wrong in web.config file , or do I have to put it on to the root of my site. Thanks for any help. Arif Çimen. Server Error in '/' Application. -----------------------...more >>

I occasionally get the following message when I try to start up my ASP.NET application on my development system after a rebuild. Rebuilding and then rebooting usually seems to fix the problem. This is in Visual Studio.Net 1.1. The solution includes a main program project that refers to a libr...more >>

Hello, I unable to see ASPNET user in Active directory 2003. I installed asp.net on windows 2003 & IIS. So please tell me how to create ASPNET user in Active Directory 2003. Thanking you Gunjan Desai ...more >>

When I enable impersonation in web.config and show User identity in .aspx page, it is the user IIS authenticates. But when I try to access Sql server, I get an access denied error message. It looks like asp.net does not impersonate it at sql server side. I can impersonate a specific user in ...more >>

I am running my ASP.NET page under IIS in Windows 2000 Pro. I need to make a call to the Win32 LogonUser function to get a logon token. How can I get security permission to do this while running under the MACHINE account for ASP.NET? -- ----------------------------------- Ken Varn Senior...more >>

I have a Win2K server in a DMZ without domain access. My C# ASP.net page can not see the DirectoryServices namespace. I found a KB article on the security issue with this, but I don't have domain accounts to use from the DMZ, and don't want to set the machine.config properties for all aspx...more >>

With Forms authentication and SQL Server, MS recommends creating a User table and storing user names and password hashes to that table. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT03.aspThey go on proposing a Roles table and so on.I wonder why not just ...more >>

When using Forms Authentication with the SlidingExpiration attribute set to 'true', the authentication ticket is reissued sometime after half of the timeout value specified has elapsed. From the documentation: "To prevent compromised performance, and to avoid multiple browser warnings for use...more >>

Hello, I have been charged with building an ASP.NET website at work. Some of the pages (like head count info) need to to be secured. One of the requirements is that the site use NT Authentication for the login form instead of creating new passwords for everyone. My question is how is the...more >>

Can anybody help, I?m pretty new to .NET but followed the instructions for the following. How to authenticate against the Active Directory by using forms authentication and Visual Basic .NET http://support.microsoft.com/default.aspx?scid=kb;en-us;326340 Got the authentication working but ...more >>

Hi, I'm developing an asp.net application. I'm using form authentication. All runs with page aspx, but when I try to connect to a protected file diverse to an aspx (such as a PDF file) and I'm not authenticated , the application download the file instead of redirect to the predefined login p...more >>

I have found the GenerateKey method for SymmerticAlgorithm based CSP classes, but I can not find any way to create a public/private pair for use with AsymmerticAlgorithm classes. In particular I need a key that I can use to sign hashes with. Thanks for a pointer to the right item. ----------...more >>

I use forms authentication for my app. After I log in successfully each request by the browser contains 2 cookies. One for the SessionID and one for forms authentication which contains my ticket. Can someone please explain where these cookies are stored? I think it is in memory in the browse...more >>

Hi I trying to create a new directory "newdir" but i get the error: Exception Details: System.UnauthorizedAccessException: Access to the path "c:\inetpub\wwwroot\MakeLab4\newdir" is denied. I think i have to grant the necessary permissions. Where can i do that because in the explorer i c...more >>

Hi I am developing a site with ASP=2ENET which involves displaying PDf= ifles using acrobat activeX control=2E To avoid a user to directly= open a PDF file using the path of the file I am trying to= implement security for the files using the article "Protecting= Files with ASP=2ENET " post...more >>

Anyone using the Security Application Block from the Enterprise Library? I have a rather embarassing situation where I've setup the database and configured my application to use this block. I have added users to the database using a web form, but I am unable to login using any of the new use...more >>

Using Visual Studio C# When I ran the following code: System.IO; private void Button1_Click(object sender, System.EventArgs e) { //FileStream fs = File.Create(Server.MapPath("test.txt")); FileStream fs = File.Create("C:\\MYSAVEDFILES\\test.txt"); StreamWriter sw = new StreamWriter(fs)...more >>

Greetings! I am attempting to secure the root of an IIS virtual directory and an = Admin subdirectory separately from one another. At first, I attempted = to create an additional Web.Config in the /Admin folder to direct = unauthenticated access attempts to URLs within this directory to a = ...more >>

When I got Visual Studio setup and configured to remotely debug c# ASP.NET applications on a development IIS server I apparently changed something on one of my .config files. (1) When I login into my workstation using my domain account and connect to our development IIS server User.Identi...more >>

Hi, Can someone point me in the right direction on a really simple access control issue? Here is the situation: 1. an app on a client computer connected to internet and executes this kind of code: acceptor = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp); ...more >>

Hi All Using VB.Net I have tried unsuccessfully (firstly with a Web App.. and IUSER_MachineName permissions ) to write to the registry. So , now I've tried from a windows application, and same result ie key.SetValue("pwd", sValIn) ' = ERROR: cannot write to the registry key ("Run-time ex...more >>

Hello, When I was trying to open one of my ASP projects somewhere else, I got the following error message: Error while trying to run project: Unable to start debugging on the web server. The project is not configured to be debugged. They suggest to click the Help button. When I do that I ge...more >>

I'm making a project for school. In school everything worked, but now that I've took it Home. I get following error message if I want to run it: "Error while trying to run project: Unable to start debugging on the web server. the project is not configured to be debugged." When I look to the we...more >>

I am having troubles accessing a different Domain Controller than the one I am currently in. Any help would be appreciated. Dave ================================================= Access DC_1 Access DC_2 Machine_1 in Domain_1 Works Exception Machine_2...more >>

I am building a reservation system for a client using ASP.NET and VB.NET. They want the ability to create customers and invoices in the application and then export them into QuickBooks. No problems there. My problem is QuickBooks is stored on one server and the application will be run from ...more >>

I am a newbie on ASP.NET. I am creating an asp.net application (with C#) which will have a number of screens. The backend database for this app is SQL Server. The user is required to login and we have to be able to control which users have access to which screens and if they have read only or u...more >>

I am deploying a web form developed in VB.NET using an OleDB connection to an Access DB. I am able to deploy the app with the DB residing in the same folder to the web server and get it running. I now want to change the configuration so that the the DB does NOT reside anhywhere in the web d...more >>

Hi, I might have missed this perhaps, but here's my query: I am presently designing a site that is for public use in general. However, several forms (pages) I need authentication from members. For example: default.aspx is allowed for everyone, but members.aspx isn't (and so are various ...more >>

So - i guess your backend store is AD ?? If yes use the classes found in System.DirectoryService to query for the name - or wait till Joe Kaplan jumps on the thread :) --- Dominick Baier - DevelopMentor http://www.leastprivilege.com nntp://news.microsoft.com/microsoft.public.dotne...more >>

I've been told by my developers to increase the asp.net session timeout to 72 hours. Being a server guy, it concerns me because of the obvious potential for denial of service due to resource consumption. Basically, it is an asp.net application that runs ssl and may take some personal informatio...more >>