Hi, I've 2 web sites configured in IIS 6.0. The 1st uses port 80 for http and port 443 for https. In this web site I've a default web site, and several application sites that uses https like OWA. The 2nd has an institutional web site of my company that has a public area and a private ar...more >>

Hello, I am trying to use the new ASP.NET Membership features with one initial issue. I am trying to get things setup using the ASP.NET Configuration menu item. When I click on ASP.NET Configuration, I get the error: "Unable to connect to Visual Studio's Localhost Web Server". I have r...more >>

Hi, I've an application using ASP.NET 2.0 that is deployied in IIS 6.0 in a Win2003 application server. For that application I'm using windows authentication and impersonation to access to an SQL Server 2000 on other Win2003 application server througth a integrated security connection st...more >>

Hi, I'm using Visual Studio 2005 and I'm currently working at home, this line of code works perfectly well online If Not (HttpContext.Current.User.IsInRole(SecurityGroup)) Then But when run disconnected from the network I get the error below. Is this correct? Is there a different line to d...more >>

hello, im familar w/ *forms* based authentication, and i have coded several public-facing web sites that authenticate w/ a forms-based login page; then get back an array of user roles, and from global.asax.cs's Application_AuthenticateRequest() assign the roles to the Security.Principal user....more >>

I am trying to login a user to NT on a default.aspx page when the site is setup to anonymous. I used some code for impersonation and it works for the default page but when I redirect to other pages I am back to the anonymous user for IIS6. How can I get the new impersonated user to be the user...more >>

I have my own subscription page that prompts for Membership info, among other things. when the user submits a valid page I would like to 1) Membeship.CreateUser and 2) automatically log in the newly created user. Step 1 is simple, but it's not clear to me how to do step 2 Thanks in advance f...more >>

I needed to extend the attributes being collected by the sqlmembershipprovider. Since we're using a sql store, inheriting from the sqlmembershipprovider class seemed to make sense. I'm running into several problems. In my unit tests, when calling the DeleteUser method, I get a System.Null...more >>

We are running www.pageflakes.com on NLB. There are 2 servers running the site on ASP.NET 2.0 on Windows 2003 32bit. Both servers' event logs are flooded with this exception: "Forms authentication failed for the request. Reason: The ticket supplied was invalid." I tried the following: ...more >>

Hi, is there any way how to go through this Security exception when using = GetCompiledPageInstance method in Medium trust app level (webhosting = environment)? Where is the real problem? I mean why application has to = be in Full trust?=20 I'm using that method because RewritePath has seriou...more >>

Hi folks, I'm using form authentication on my web application, what I want is when I'm authenticating, I pass the UserID and Password throw a web service and the web service will check if he is authenticated or not and return to me what I need. Is it possible to connect form authenticati...more >>

We have a web based product written entirely in ASP (not asp.net) and Javascript in the frontend. As of now all the pages are viewed over HTTP and that works fine. Now we are trying to partition the set of pages into secure and non-secure. And for the set of pages deemed secure we would like t...more >>

This is a new post covering two previous posts: "Unable to establish secure connection to Server" and "membership and redirect of unauthenticated user" Thank you for your replys. I found a MSDN Library entry by the Title of: "Mixing Forms and Windows Security in ASP.NET" by Paul wilson ...more >>

I'm referring to this Microsoft article in regards to creating a custom membership provider: http://msdn2.microsoft.com/en-us/library/ms366730(d=ide).aspx I'm in the process of creating my own membership provider and just want to make sure I get everything set up correctly with regards to th...more >>

hi, I'm not getting the results I expected when setting up authorization in my web service. I have a web application that runs under an application pool identity (with Windows authentication). This application then calls a web service which is also setup to run under the same application pool...more >>

Hi I've got two web services both running on the same web server. Both web services are accesses via https and the same root level domain. I wrote the client application which post information to one of the web services and depending on which method was invoked calls the second web servi...more >>

Hi, I'm developing a Web application with VStudio 2005 + .net 2.0 + IIS 6.0 In the Web application I've to digitally sign a pdf document with a user certificate. In the page where I've to sign I list the user certificates with this code: -----------------------------------------------------...more >>

Greetings MS ASP.Net Community, I am using forms authentication for a site we've been developing. All users valid on our Windows domain are eligible to access the site, but are enrolled in the application upon initial login by insertion of a record into a [User] table located in a SQL Serv...more >>

I've implemented forms authentication for my application. I would like to use access rules by creating individual web.config files in folders to allow/disallow access to directories. My problem is when I create an access rule for a directory to disallow a role or user, when that user in the role ...more >>

Hello, What is the difference between the followings in web.config; <SettionState> session timeout? and <authentication mode="Forms"> cookie timeout? Thanks ...more >>

Hi, anyone has experience of Website login (AD Integrated) using a Smart Card ? In actually using the ASP:Login control to login the users usign they AD credentials. User also have a smart card that permit them to logon locally to Windows XP clients. I'd like to have them login on the extran...more >>

Environment: Windows XP, .NET/ASP .NET 2.0 I am developing an intranet application for my company. I want to use LDAP to get the existing users of the company and allow them access according to their roles. I have set identity impersonation = true and authentication mode = "Windows" in the...more >>

I'm building a new app that wants to use roles and permissions. Not uncommon. The customer wants to use a custom Admin tool to control roles and users. What would be the best way to implement this? asp.net 2.0 and sql 2K. Thanks...more >>

Hi, In short my problem is securing static pages, so that unauthorized (anonymous) people doesn't get access to these files. You'll find a detailed description below. I have a websolution that is made in Dotnet 2.0. The solution send the user to a correct module based on the users credentia...more >>

Hi everyone, I have been looking around for info to do this: http://www.contoso.com/question.aspx?name=microsoft => signing and encrypting using server and client certificate (public and private key) => http://www.contoso.com/question.aspx?G+1VMWPD==BNTW (And the server to do a request.que...more >>

Is there a way to use the website administration tool from the hosting server instead of localhost? I need a way for my client to be able to maintain members and roles and they obviously won't be using Visual Studio. Any suggestions would be apprecitated. Thanks!...more >>

What is the best way to handle following scenario: I am running multiple websites serving the same users. one runs under ..net 1.1 and the other one runs 2.0. this is to offer users the advantages of the new framework while continue to support applications that are not yet converted to 2.0. ...more >>

I've read every single posting on ADSVALUE, and possibly every single posting on LDAP and .NET/dotNet, but I am still having problems debugging an LDAP authentication issue. The setup: We are using a .Net application to authenticate, using SSL, with an LDAP directory on port 636. In the .Net c...more >>

I'm my web application, I've specified to use forms authentication in the web config. In my signin page, I have an img tag to an image in my web applications virtual directory. Because the user is not signed in yet, the image url is not available, is there any way in the web config file to ...more >>

In have my web.config set up so that after three invalid login attempts, the user account will be locked out maxInvalidPasswordAttempts="3" passwordAttemptWindow="10" This all works fine. If I want the account to be enabled after a specific period of time has pas...more >>

I am trying to implment membership. The problem I am having is setting up the authentication and authorization section. I may have misunderstood this class. I want to have a user that is using IE and is a member of the domain or if there is a stand alone server that has a companion accoun...more >>

I have created a web service in microsoft studio .NET (.asmx file). The web service uses SOAP messages in order to communicate with the web page client. The programming language for the server is VB and Javascript for the client. I would like some help in order to insert an SSL protocol for ...more >>

Hi all I would like to now the answer to the following problem, if someone can help. Given a windows application client that's calling a web service (using default credentials) the web service gets invoked fine with the users credentials. However they need to call a second web service f...more >>

Quick background on what I'm using: Visual Web Developer 2005 SQL Server Express 2005 Hosted on my local machine (this is just a "get used to 2.0" test website) I have created the membership (?) schema in my existing Express 2005 database. That has went well. I have two users in that dat...more >>

Hi, we are creating an intranet where iis and sql server reside on different machines. We have been able to use identityimpersonate=true with windows authentication etc when iis and sql server reside on the same machine but cannot get this to work when they are on different machines. I r...more >>

Hi there, We are upgrading an ASP classic application to ASP.NET 2.0, and currently have a permission set of about 200 distict permissions. I am thinking of using the Membership provider to map each permission to a named Role, so we can explicitly or declaritively check for a given permissi...more >>

Hi I am using a custom database for Membership. The web admin tool connects fine to MySqlMembershipProvider, but when I try to use my login page I get the following error: System.Web.HttpException: Could not find the specified Membership Provider. All was working fine until I changed t...more >>

I am trying to use ActivedirectoryMembershipProvider in membership using Asp.net 2.0, VS2005. I am getting the error "Unable to establish secure connection with the server" . The server is a standalone server Windows server 2003. The server name is CDCROTTY The connection string is <add na...more >>

Hi I am getting a "Could not find the specified membership provider." error when trying to use the membership api. I can find no documentation on this error, or any other threads. Does anyone know how I can solve this? Thanks Andrew Wrigley ...more >>

Hi! I have several dotnet applications (or small webs). Sometimes it's necessary to restart IIS, but before doing this I would like to know currect sessions in IIS or in different apps. Is this possible?!?! Best regards /Magnus ...more >>

Hi; When I add a user using the SqlMembershipProvider (I have requiresUniqueEmail="false") and use CreateUser(name, password) - ie no email address, the user is created but CreateUser throws an exception saying the user already exists. Any idea why? -- thanks - dave david_at_windwa...more >>

Hello, We have an ASP.Net 2.0 web application running. If we connect to (and use) SqlClient objects from within the aspx pages themselves, all is well. However, if we create a Data Access Layer assembly, and place it into the /bin directory, and attempt to use said assembly, we get an erro...more >>

How to configure ASP.NET to attempt database connections as NETWORK SERVICE rather than MACHINE ACCOUNT {DOMAIN-NAME}\{MACHINE-NAME}$ ? ...more >>

This is driving me crazy. How do I redirect a failed AUTHORIZATION to a custom page in ASP.NET 2.0? All failed authorizations are going to my loginUrl, which is next to useless. I want an error page that says WHY a user can't access a URL. This seems like it should have been an obvious feat...more >>

Hi; I just want to confirm this. When I set <identity impersonate="true"/> that means I can impersonate on the server side. It does not mean that impersonation is set up in advance for each call to the code-behind. correct ??? - thanks - dave -- thanks - dave david_at_windward_dot_ne...more >>

I have IIS configured to log the query string for one of my companies' applications because it's used for some statistics, but I need to keep the query string from logging during a HTTP GET for a specific page. Is there a way to keep IIS from logging the query string for just one page? Or is ...more >>

hi all, by using the following code i can be able to retrieve the User "DisplayName" from the ActiveDirectory by using IE, if i run the same application by using Mozilla Firefox then i am getting "An operations error occurred" message, my requirements is my application should run in this tw...more >>

I am creating a site for the intranet at the company i work for, but there are 3 levels of security and a login form. All users have to authenticate with the system. Logins are stored in a DB, but i use windows authentication to find the account, this is working fine, and i have set the fo...more >>

I'm trying to use 2.0 forms authentication in a new web site. My book shows how to set this up with the ASP.Net Web Site Administration Tool by going to the Security tab and following the instructions there. However, on this page I get an "Unable to connect to SQL Server database" mess...more >>

have membership tables installed on external SQL database? check have login controls working such that new users are created in that table? check those users also show up in the asp management page? check Can grab all the users in a memberhship collection object and they are all valid and cor...more >>