I have a subfolder protected with Forms Authentication. When any page in that folder is requested my login page comes up and the user is prompted to login. This works fine. Once the user info is validated I create a cookie and setup the FormsAuthentication. The problem I get is that the Re...more >>

For authentication we are using an external DB. I can use Forms authentication and use the loginUrl="MyLoginForm.aspx" just fine. But for authorization, we cannot use a static list of roles for people, their authorization depends on factors which change as they use the system. We must determ...more >>

In the forms authentication construct, I need a way to prevent ticket IssueDate and Expiration from being updated for a specific page only. By default forms authentication updates these two values whenever a page is requested and slides these values forward. Is there any way to forgo this procce...more >>

In my web application i am reading the data from excel file and inserting the records into the database.(In ASP.net C#) for some users i am getting exception "Access denied" at the following line of the code. Excel.Application=new Excel.Application(); for some user it is working fine. In ...more >>

I'm having trouble with a domain cookie and forms authentication. We have several sub-domains so we create a domain cookie for forms authentication purposes: cook.domain = ".mydomain.com" All is good with the world.. I can go all over the place and get in to my apps... Great .. except now I...more >>

Hello, I am developing an ASP.NET application that allows users to enter data using web forms, then run an EXE when they click the appropriate button. The EXE needs certain security rights not available to the ASPNET user. After playing around with impersonation, I found that even using...more >>

Anyone knows about a .NET (1.1) PGP class library, either from public domain or commercial? Thank you, Michel ...more >>

I am trying to configure my forms authentication so a certain page is not subject to a redirect to the login page. This seems like it should be a simple thing to do with a <location> tag, but its just not working. Requets to the page (public.aspx) specified in the <location> tag are still be...more >>

Could someone please recommend the best way and how to obtain the last inserted userid of users (security) table using the Button click event of CreateUserWizard? In classic Asp and Asp.net 1.x I used the @@identity to get the last inserted record of my custom table, but now I don't know how Asp...more >>

I'm using Forms authorization. In my <forms> section I have timeout="30", but when I examine the cookie, it shows it expiring in 2055? Why? <authentication mode="Forms"> <forms loginUrl="/login.aspx" protection="All" timeout="30" path="/"> ...more >>

Application has a webform where user can edit/modify some information that are stored in database. When I show data to user, I must somewhere memorize ID of database record that is currently edited. Where to do that? So malicious users can not chage that ID (of current edited record), a...more >>

iI have a web app that currently gets the userID from a 509 client cert. Works great. A new client wants to interface our web app in a WebSphere Portal with a single signon for their clients so they want to call our default page via a post and pass the userID in an encrypted query string. ...more >>

Hi All, We have an asp.net application on a windows 2003 server which is part of a domain controller which my worksatis is too. We have impersonated in our applciation with a fixed identity account which is also a domain account and is part of the admininstrator group of the webserver.The a...more >>

Howdy, I just learned how to use Forms Authentication. yeah me! However, it is quite limited as to how much information you can store and retrieve from it. For example, in my past ASP and ASP.NET applications I have used the session state to store a user's IS, Fullname, security level, emai...more >>

Hi all, For reasons I would rather not go into, I sometimes need to get the value of the forms authentication cookie and use it later when submitting another request to the server. mostly this works fine but sometimes it seems that the server decides to change the forms authentication cooki...more >>

Hello, I have a web site with : - A Private Press Area - A Back-Office For the BOffice, i used : Authentication Mode Forms, to a form with cookie and ticket. And used a web.config avec deny users pour le repertoire de BackOffice Je souhaiterais utilisé la même formule pour mon Espace P...more >>

Hi all, I really need your help on this problem. (no help for 1 day goolging). I use form authentication on my 2 simple aspx pages. User is redirected to login.aspx, then see the main content page. I use LDAP to verify the user from a domain named Dserver where the AD = users locate. Eve...more >>

Hello, Using cookieless roles based security. Setting HttpContext.Current.User = New GenericPrincipal(id, Split(userData, ", ")) in Global.asax Application_AuthenticateRequest On my desktop works fine. Server side nada. Any ideas? Thanx Jim ...more >>

Howdy, I've written a few apps already and I have done custom authentication like so: prompt for user name and password, verify information against SQL table, then load returned username, ID, security, etc. into session state. This works and frankly I'm not sure why i'm posting this except ...more >>

I've written a web service that returns some user-specific information. I'm calling that web service from an InfoPath form as managed code: MsgBox("Calling WhoAmI service", MsgBoxStyle.OKOnly, "OnLoad") Try svc.Credentials = System.Net.CredentialCache...more >>

Hello I have an asp.net website that uses the login control and a custom build membership provider. The site is running fine, but the problem is that i cannot use it in a frame from another site. When logging in the login screen just reapears. It will however give back a message if a wrong u...more >>

Hi, I wanted to use impersonation in an asp.net web service application. The following line was added to the web.config: <identity impersonate="true" userName="user" password="12345"/> If the user is not added to the administrators group of the computer it won't work. \ Is there a better...more >>

Hello, I've created several ASP.NET applications for our Intranet. Since we don't want everyone to access all applications, I've added some limitations in the Web.config: <authorization> <deny users="?" /> <!-- Deny anonymous users --> <allow users="specialty\pafo" roles="specialty\Sale...more >>

I've searched long and hard thru the groups for similar issues but unfortunately I cannot still resolve my issue. My issue is that I've moved webservices from a W2k server to a new Win 2003 server. The service I'm having issues with is built with C# but accesses a VB6 COM object (which is re...more >>

We have a development web server (Windows 2000 Server) and a production web server (Windows 2000 Server) both are running IIS 5.0 and have the .NET Framework 1.1. We have asp.net fixed identity impersonation running on the development server and it's fine. We moved the website to the pr...more >>

Hi Everyone, I am using Microsoft's Visual Studio .Net 2005 Beta 2 Team Suite. I am trying to create new user with the help of CreateUserWizard, I right click the control and clicked customized and added new fields like First Name, Middle Name, Last Name, Phone etc. This new fields which I h...more >>

Hi, I wan't to implement an reusable login framework which extends on WindowsIdentity to provide additional attributes which can be filled from the AD or a Database. Is the best method to implement IIDentity or to inherit from WindowsIdentity. If the latter, can someone post a sample on...more >>

All, OK, so I'm working on a template for our new ASP.NET applications. Part of this, includes using the new menu and breadcrumbs control in ASP.NET 2.0 (I'm using beta 2). I put the hierarchy of the applications and navigation in a database, and am able to pull that into the app by inhe...more >>

I think my other question is that: According to this article http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetAP05.asp in Table 4(last one) it says that : <identity impersonate="true"/> <authentication mode="Windows" /> then everything would be under the co...more >>

hello, i have been scouring the groups for the best possible solution to this problem, but can't seem to find my exact scenario, so hopefully someone can get me back on the right path. my situation is the following: i have a asp.net app that uses formsauthentication, and in the UserData fie...more >>

Hi I'm working on a WebApplication which uses Forms authentication. What I'd like is for a user to be able to open two browserwindows and login as two different users. However it seems like IE & FireFox uses the same cookie across Browser instances, so all my Session variables are shared ac...more >>

Hello, I am working on a test site to explore the new login controls and membership features of ASP.NET v2.0. I have tested the controls using SQL Express and have now decided to try using a central SQL Server 2000 database. When I use the all of the included controls with SQL Express every...more >>

I am trying to write to the event log using the following code from a aspx page benhind code. Function WriteEventlog(ByVal LogName, ByVal MachineName, ByVal Source, ByVal EventMessage, ByVal EventID, ByRef Category, ByRef ErrorResults) ***values ...more >>

Hi I am developing web application through which i've to write and read the values from the registry. When i set impersonate property to "false" it is displaying exception " Requested Registry Access is not allowed" so then i changed impersonate to "true" and it is reading values from the regi...more >>

Hi When am trying to open the asp.net web application am getting the following error. " visual studio.net can not create or open the application, the likeliest problem is that required components are not installed on the local web server. Run visual studio setup and the web development compon...more >>

We are using **NTLM** as the authentication type.If I use this in my ASP.NET application : <identity impersonate="true" username="MyUser" password="123"/> <authentication mode="Windows" /> and MyUser is the local account of the box which hosts my web application ,then can I connect to a r...more >>

We have an asp.net application with <identity impersonate="true"/> and <authentication mode="Windows" /> in our web config and we are using Windows integrated in IIS and also NT AUTHORITY\NETWORK SERVICE account in its application pool. I create an object in Global.asax which monitors a folde...more >>

Hi I work for a company that has user and user roles in the database and a very, very complicated long list of rules on how to let a person see the data from a page or control. My question is I want to re-write the security object and I am looking for suggestions as to what the best way to...more >>

Hi All, I am using SQL Server 2005 Beta 2 version (NOT SQL SERVER EXPRESS EDITION) in my system named 'MySys'. I am developing a web application, in which i am using Membership services for storing my user's credentials. Now Have i to register SQL Server 2005 with ASP .Net, because, AS...more >>

I have a question on the ValidateRequest directive at the Page level. I ran into a case where my querystring was filled with some value that contained the '<', '>' symbols. I promptly got this error back from IIS: =============== 403: Access Forbidden Due to the presence of characters k...more >>

I'm using the RijndaelManaged example from MSDN, tweaked slightly to return a string. Encryption goes well, but when I use the Decrypt function, the return value is in the format of "1234 Notice there is no ending quotation mark, so when the value is used in a report, it looks like 1234☺, w...more >>

Using a webservice in asp.net, I make a call to Directory.CreateDirectory(@"c:\test") and this works fine. I can create any directory anywhere on my local machine. Now, I have an iomega NAS on the network. (There is not a domain). This drive does NOT use permissions and essentially everyon...more >>

Hi All I have installed SSL Certificate in my IIS and when I redirect to Https IE shows a Security Alert Dialog. Is there anybody who knows how to disable or block that Security Alert so that when any user access my Secured Page he will not get Security Alert Dialog. Any help will be appreci...more >>

Hello, I've got a serious Problem from out of nowhere that I'm not able to solve. Can someone please help me here? I'm trying to instantiate a Xslt document build in as a resource using: htmlTransformator = new XslTransform(); using (Stream mrs = typeof(MyType).Assembly.GetManifestRe...more >>

We have developed an asp.net web application which provides the user with a form to allow them to update configuration settings in the web.config file as well as other config files. The asp.net web page calls a c# dll to update the config file. When we do this we get an access denied error...more >>

Hi all, I need to find the size of a file which is located on a remote unix box.I have been given Samba mount acces for the shared folder through which i can access the file. I am using Fileinfo object to find the attributes of the file.When i use the Fileinfo object from a console application e...more >>

Hi, I am currently developing a web site that will use "Forms" authentication. I am having an issue in which the "Forms" authetication works only one time. Any other session after that are redirected to the web forms that require authentication, which results in an error, because the page i...more >>

Hi Techies, I am using Forms authentication for my asp.net i had given session time out as 500 and also Forms time out also 500 even though its getting expired soon may be 4 minutes of Idleness its getting expired see the forms auth configuration below <authentication mode= "Forms" > ...more >>

I want to restrict access to files (on local and remote servers) without requiring users to log in to my ASP.NET application. The users are on an intranet, anonymous access is disabled and Integrated Windows Authentication is enabled. Now, how can we determine if the current authenticated u...more >>

Hello, I host an ASP.NET application on a computer and from that computer, I want to connect to a database on an other computer. When I place the database on the same computer, everything works just fine, but when I place the database on the other computer, I can't connect to it. I've tried j...more >>