I have an ASP.NET 2.0 application using Forms authentication with a SQL 2005 Membership provider. I can get users logged in OK, but it is not clear how to log them out without timing out the session? How can this be done? I'd like to provide a logout button and log the user out in the handl...more >>

Hi, The web utility in VS.Net 2005 for managing security: Users, Roles and Access is great, but once I deploy to the web server, how can I access the web utility? I couldn't find anything in the docs that worked. Thanks in advance, Donald ...more >>

Hi there!! I am relatively new at ASP.NET. I have built a web app using ASP.NET / VB.NET with data being stored in SQL Server 2000 (SQL Authentication). This app is going to be used inhouse. The specific URL will be given to selective people. Now I am not sure how I can prevent unauthorized e...more >>

Hello, We have an existing site with members and we're using the default membership system for ASP.NET 2.0. The original developer set up membership with clear-text passwords and we'd like to change to enrypted passwords. Does anyone know how to change the member's passwords behind the ...more >>

Hi all, We want to be able to log to the event log when an error occurs in our web parts. Currently we cannot do that under SharePoint because it throws an exception. Below is the code where is fails: EventLog log = new EventLog("Application", ".", "MyThing"); log.EnableRaisingE...more >>

Hi, guys, I'm trying to migrate one of my application written in .NET 1.1 to the new 2.0, and keep the Form type Authentication for the login part, which should only show the LogOff tag on the banner to logged-in users. Currently I'm having problem to show the LogOff tab after valid user logi...more >>

I love Web Apps in ASP.NET 2.0 because you can easily deny users access to pages by role or user. But for desktop client to webservice methods, I am not sure what to do.... I am looking for the simplest and safest method or pattern to have my Desktop client be able to call a web servic...more >>

I have developed an ASP.NET 2.0 application using localhost on my Windows XP workstation, and it all works fine there. I tried to copy it to my test web server, which is a domain controller running Windows 2000 Server SP4. I can't get it to work on the server. For testing, I created a simpl...more >>

Hello, I am trying to achieve Forms Authentication using Asp.Net 2.0 across multiple servers. I've gotten it to work across applications on same machine. I generated keys for the machine element and placed it web.config on all machines. <machineKey validationKey="key goes her...more >>

In my current database I have passwords that were hashed and then stored using the following method: public static string Encrypt(string cleanString) { Byte[] clearBytes = new UnicodeEncoding().GetBytes(cleanString); Byte[] hashedBytes = ((HashAlgorithm) CryptoConfig.CreateFromNam...more >>

Hi All, My machine.config contains the following setting. <httpRuntime executionTimeout="90" maxRequestLength="4096" useFullyQualifiedRedirectUrl="false" minFreeThreads="8" minLocalRequestFreeThreads="4" appRequestQueueLimit="100" /> I want to extract the value for max request length...more >>

Hello all. Just after some help with handling page security. I'm writing an app that has a number of companies. Each company has a number of employees, standard stuff. If I have a user who is a member of one company, they can request to see all the that companie employees, however, if t...more >>

Hello, Can anybody help me in solving the following problem. My web application needs to access all the certificates (the entire certificate chain) provided by the client side. As far as I can see, HttpRequest.ClientCertificate gives access only to the end-entity certificate. Is there a possib...more >>