Hi all, I will highly appreciate your help to me if you help me with one (or both) of the following 2 problems: I have the following on my machine (Windows Vista build 5308) successfully installed: 1) VS 2005 Standard 2) Sql Server 2005 Standard 3) Windows SDK February CTP (5308) 4) Mic...more >>

I have been working on some sample applications to proof new security enhancements as far as roles based and authorization based security. I am using a trest active directory, forms based authentication with the form control, and the AzMan.msc tool to create my roles and policy XML file I am ...more >>

Hi All, i am reading some info from registry in my asp.net application this application is working fine in case of windows xp but when OS is windows 2000 access denied exception is thrown while trying to read registry key. How can i fix this problem or can give aspnet rights to access registr...more >>

I am deploying a asp.net 2.0 web app to a server farm and have followed the instructions from http://channel9.msdn.com/wiki/default.aspx/Channel9.HowToEncryptConfigurationSectionsUsingRsaInAspNet20?diff=y and http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/PAGHT0...more >>

Dear friends, I'm using IIS request.clientcertificate.certificate to get Certificate. Now I need to put this certificate into CAPICOM.certificate object Is there a way to do this? When I triyng to do this I'm getting CAST error. Thanks for your help Best Regards...more >>

Hi, I've created a site and when I want to open it I get a (windows)screen to log in, I don't want to get this screen, so the password and login must be passed along in the hyperlink. How can I do that? mvg, Fré ...more >>

How do you retreive the user id from the persistent cookie when using forms authentication? ...more >>

Hello, We have a need to customize the CreateUserWizard and we put a DropDownList control in there. And we are filling that DropDownControl ( _drplDealers) in the page_load event of the code behind page on which the CreatUserWizard control is existing. This my Page_load event thats fill...more >>

Hello, I'm actually looking for a way to authentificate users from the authentification base SAM of a WindowsServer2003. I have to do it from a web-page wrote in ASP.NET(VB). During my searchs I've found some technology wich could be helpful. It's the Windows WMI and ADSI. But I'm still a s...more >>

Hi I am using .Net Framework 1.1. There are some XSL files in a folder of my web application. I want to restrict a user from directly accessing these files - e.g. I want to display a forbidden page when he types the URL http://Myserver.com/MyApp/XMLFolder/pqr.xsl However the ASP.Net applica...more >>

Hi all, I am trying to develop a ASP.NET web application. I want to use Forms Authentication for authenticating the users. But, instead of using Oracle user id and password, can I use Integrated Security? I tried the same with Windows Authentication, and it did work. But for Forms Authentic...more >>

I'm working with my windows tech support guy on trying to give an ASP.NET 2.0 web app I built, adequate permissions so it can query active directory for user roles created using Authorization Manager. If we go into the application pool properties on the web server, and on the Identity tab, se...more >>

Is there some way to configure a service account used to run an ASP.NET application pool to delegate identity only to specific virtual directories or application pools on a remote server? From what I've read, I've only ever seen constaining delegation down to the HTTP service on a web serv...more >>

hi, Is there a way when a New User is created through the ASP.NET 2.0 new user control that he is placed into a default Role? I'm using VB and I would think I probably have to create a stored procedure to the aspnet db. I'm not sure if there is just a way to set the default....more >>

Hello, I am new here, but I would appreciate some help... I need to have a login that checks against the AD, and if that fails, checks against a separate database. The reason is that we want all members of the organization to get it with their current credentials in AD, and people outside...more >>

I was trying to set up adhoc providers so that users can be managed for sub-sites by the sub-site owners. I figured I would just copy the existing user over from the default provider so that I could maintain the same UserId across applications. However, I am a little confused about lines 103 a...more >>

The following message was originally posted to microsoft.public.dotnet.framework.aspnet .... I have been following several threads between David Thielen and Luke Zhang [MSFT] regarding the ActiveDirectoryMembershipProvider as used for ASP.NET 2.0 Forms authentication, but I receive a sli...more >>

Hi there, We have 500 users on our network. I'm writing a web system (asp.net) where you can create a user and give them access to various sections of the site. To create a user you select and existing Active Directory user and just attach their permissions (to see different web pages/opti...more >>

Hello, I am trying to build a web app that sits "on top" of SharePoint, but I am having trouble with the Windows login. Here is what I want to accomplish: 1. The user will log into my application using non-NT credentials (stored in DB). 2. My code then determines if this person is (for s...more >>

Hi, I have a site with an admin folder that is protected with forms authentication. I just want 1 admin user to be able to access it but to use my own user authentication for the rest of the site. I did have it working using an asp.net 2.0 login control and the credential specified in the w...more >>

Hello, All I am trying to open named pipe from ASP.NET. As I have found it is not possible due to the ASPNET account restrictions. Just wonder if there any tool that can show me what rights ASPNET account has? Can I grant ASPNET account rights to open named pipe or better certain pipe (the ...more >>

I use ASP.NET 1.1 Form Authentication. The site has login, contents and timeout pages. I set timeout to 10 mins. I can set to redirect login page using form authentication. But it cannot set to redirect timeout when session timeout. I want to redirect to timeout when session timeout. Ho...more >>

hi all, in formsauthentication, the global.asax event Application_Authenticationrequest() event should run once before the page httphandler runs, correct? because the global.asax inherites the HttpModule class, but I am see some odd behabivor when using formsauthentication in 2.0. on th...more >>

I am in search of some suggestions regarding how I should emplement security in a system being developed. System architecture: A web application is exposed to the internet. Behind a firewall is a series of web services. The web services communicate with a SQL server 2000 database through...more >>

How can I change the feature whereby a new registered user is activated by default after registration? Thanks ...more >>

Hi, Is it possible to use ASP.NET Forms Authentication in Web Services? or should I use WSE 3.0 UserNameTokens? I have to call the web service from a Web App, a Windows App and a SmartPhone app. Thanks Henrik Skak Pedersen ...more >>

Hi can someone help me clear my doubt ? Our company apps is using Dot NET windows int authetication to login . By typing DOMAIN\xxxx . Is there anyway to hide the domain name but still can enjoy the windows intergrated auth benefit ? My main objective are: 1)Hide the domain name , use...more >>

Hello, We trying to build the complete Member ship and Role management system in our website and build this functionality into our website for the Admin role rather using the ASP.NET Configuration thats comes default with VS 2005. In Visual Studio 2005 for any website we can create and man...more >>

When my users log into my web app they do it using Windows auth. Now, when they do something that needs to call our WebService that updates WSS, one of the things we are currently doing in the constructor of the service is: Public Sub New() MyBase.New() m_Svc = New M...more >>

Hi I have a intranet app that is using Windows authentication. I want to set up a log out procedure that takes them to a page where they can choose to log back in. In FormsAuth I did this using: FormsAuthentication.SignOut() Response.Cookies.Clear() Session....more >>

When I attempt to use any of the Membership class functions (eg getAllUsers()) to access my db from my web app, it is my mydomain/processidentity attempting to log in to sql server, and this is failing as this id has not been granted access in sql server(on purpose). I am using windows authentic...more >>

I am trying to enable password retrieval using the AD Membership Provider with Windows Server 2003 as my AD machine. I have followed the examples out there and have been able to update the AD schema with the 5 new attributes and add them to the User class. However, when trying to run the websi...more >>

- If I wanted to use my own DB tables to store user account information, AND wanted to use the 2.0 login controls, do I need to implement the Custom Provider? - How do I give each user their own directory when they register on my site? Something like www.mydomian.com/username ...more >>

We have set up a impersonation on our web application. The service accounts credentials are stored in the registry. This user account is passed to our SQL Server. Excerpt from web.config: <identity impersonate="true" userName="registry:HKLM\SOFTWARE\AppName\identity\ASPNET_SETREG,userN...more >>

I have developed a usercontrol which is downloaded from a web site and executes in Internet Explorer. This control writes files to the user's temp directory on the local workstation. The control has worked fine during development but fails when executed from a web server that is not localhos...more >>

Hello, I have a portal in ASP.NET 2.0 which has a login page for users and a sepearte login for admin. the folder structure looks like so.. /users/ profile.aspx login.aspx /admin controlpanel.aspx login.aspx The reason I have two sepeparte login pages is because ...more >>

Hi I have a site protected by membership og it works great. In some pages I would like to log a user in in "pure" code without controls. I see a validateUser but not a LoginUser-method. How can I do this? Thanks ...more >>

I have a asp:Login control with an OnLoggedIn="Login1_LoggedIn" method. The first time through the method the Context.User.IsAuthenticated = false. The 2nd time I log in, it is then true. Anyone know why this is, am I doing something wrong, is there a way around it? protected void Login1...more >>

Hello All, I've set the timeout as 720 in the web.config file. But the website elapses and displays the login screen in about 20 minutes. It doesn't seem to honor the setting in the web.config file. I'm wondering what could be going wrong. Any help is very much appreciated. <system.web> <s...more >>

Hi I'm currently developping a University portal that uses single sign on between multiple applications, and I would like to store my users in one application and share them with other applications while keeping the roles unique per application. For our portal, all our users would go in an ...more >>

Hello, I am using CreateUserWizard control to create new users on our website. The creation of New users process is blistering and I have no problem with it. But we have a need to create (store) a value called DealerShipID in another table called Users in our database (not in the aspnetdb). ...more >>

I am trying to use the ADMembershipProvider and running into an error. I am not strong in AD so I am fumbling. Any help would be appreciated. Web.Config Prividers Section: <membership defaultProvider="AspNetActiveDirectoryMembershipProvider"> <providers> <add name="AspNet...more >>

I am not able to use the asp .net configuration tool. When I click on the security tab, I get this messages: --- There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role m...more >>

Does ASP.NET 2.0 provide an easy way to programatically determine if a user has permissions to access a particular folder? If yes, code snippets would be greatly appreciated....more >>

Hello, The code I have in web.config file to redirect the user to the MainLogin.aspx page <authentication mode="Forms"> <forms name="/.ASPXAUTH" loginUrl="~/Unsecured/MainLogin.aspx" cookieless="UseCookies"> </forms> </authentication> Now I also have th...more >>

Hello, I have a website and I created few users before as per the requirement. Now I have a new requirement to add few more users to the site. So I just launched the ASP.NET web site Admininistration and checked the connection and it was ok. But when I click on the 'Create User' link under...more >>

I made a class based on RijndaelManaged class. I tied to separate the encrypting and decrypting processes. I now have the follwing resistant error: Length of the data to decrypt is invalid Line 70: cs.Read(fromEncrypted, 0, fromEncrypted.Length); I need a fix please..... The Code...more >>

I'm looking for the ways of implementing functionality similar to the one inside Microsoft Exchange 2003 web interface: 1. web interface usage inside domain is transparent (no need to enter credentials since you're already logged into Windows) 2. web interface usage outside domain causing logi...more >>

Hi there, I've been reading/doing this http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT08.asp and have a question about this: --------------- Note If you use DPAPI with the machine store, the encrypted string is specific to a given computer and the...more >>

I'm new to the impersonation thing and so I was hoping I could get some help. I have a Web Service that is setup to use Integrated authenication with anonymous access turned off. I call the web service using: Dim ws as New Webservicename.Service1() ws.Credentials = New NetworkCredential("u...more >>