Hi All i have created a web application for businesses pupose, which contains come classes, the whole output of this application is "MyWork.dll" in bin directory, so far so goood. wot i want is to safe this ".dll" file, coz if a made any windows or another webapplication and add its ("My...more >>

Hi I am creating a ASP.NET 2 applications with Forms Authentication with Active Directory Login page. I have created a login page, web.config file etc. exactly like the examples in the MSDN article:- http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/paght000026.as...more >>

I am using ASP.NET 1.1 and need to make sure that viewers of a web page belong to a role in Active Directory. I am looking for some samples, articles or links etc. that can get me started showing me how to do this. Thank you. ...more >>

Any tip on connection string encyption would be appreciated. ...more >>

I need to create custome performance counters for my asp.net application, these counters am creating in application_start event. to create this counters i used following setting in IIS and web.config file in IIS ---> Directory security tab---> 1) checked anonymus access and integrated wind...more >>

When attempting to access my 'companyweb' website, I was receiving the = error message: This Windows SharePoint Services virtual server has not been = configured for use with ASP.NET 2.0.50727.42. For more information, = please refer to Knowledge Base article 894903 at = http://go.microsoft.c...more >>

Hi, Is there a way to get the encrypted bits from a SecureString, rather than pinning it down and getting it's actual, decrypted value in unmanaged memory? What I would like to do is simply compare the unicode encrypted string in the database with the unicode eyncrypted string passed...more >>

After hard drive died on my machine, I had to phisically replace it and restore full system from backup. I was lucky enough and nothing was lost. But after the recovery I noticed checkdisk was doing the follwing: Replacing invalid security id with default security id for file 4171 Replacing in...more >>

Hi, I am trying to strong name the ASP.NET 2.0 output dll. I have added web deployment project then specified the public key and checked the box "allow delay signing" in the project properties. Also I specified to create a single output dll for the application. But after compiling I get er...more >>

Hi, my application goes like this: Windows Forms (client) | | | ASP.NET (IIS 5.0) or APACHE (vanilla SOAP for example) | | | SQL Server, DB2, MySQL, Oracle, (whatever) My schema on the database contains a "Users" table, which contains bits set or cleared according to whether ...more >>

Hi I work with windows authentication, not allow anonymous, and with custom pool(domain user) The problem is that I get this error only if the url is by server name. If it's by IP number, I have no problem. What can the problem be? ...more >>

If I use the out of the box hashing for passwords using the membership object, is my data transportable to a different sql server? I'm concerned about the hashing relying data that's stored on the machine, and loosing it when the database is moved. -- Ken S...more >>

I'm a little confused about how to work with the "createPersistentCookie" feature of FormsAuthentication.RedirectFromLoginPage(). 1. There are various things that I need my application to do when a user successfully logs in. I do that stuff inside the code of my Login.aspx page after I am s...more >>

Hi; Ok, I have role restriction working for pages - thank you everyone. I have two follow-on questions: I want to require a role for access to all pages except 3 specific ones if a user does not have a specific role. Is there a way to do this other than listing out each other page as a...more >>

Hi; The page http://www.asp.net/QuickStart/util/srcview.aspx?path=~/aspnet/samples/security/Administrators_Page.src&file=membershiproles_vb\Web.config&lang=VB+Source uses QuickStartMembershipSqlProvider instead of AspNetSqlMembershipProvider. What is QuickStartMembershipSqlProvider and why...more >>

I created a new website, using the ASP .NET Website template. Before I did anything, I tried running it in debug mode. This worked, giving a blank page. I then moved the site to become the default site on my machine. At first, I had issues with an XML error that came up. After I se...more >>

I have an httpModule that tap into the authenticate request event. If a request is coming from a sister site, in the query string there is an encrypted string mapped to an already authenticated user. If it looks good, I would like to auto validate the user so she doesn't have to go to the lo...more >>

Hi there, Here's the scenario: - I've created a login control using Forms Authentication - when the user logs in, the webapp will check user's authentication using ActiveDirectoryMembershipProvider now, is it possible to use WindowsTokenRoleProvider as the role provider? If possible, my ...more >>

Hi; I thought I asked this before - but I can't find it. So apologies if I did. I need to access both files (opening/reading) and databases (connect using SSPI) impersonating the client user. THere are two modes for this: 1) Windows authentication - we use the credentials from the client ...more >>

8. I want to set the system so authenticated users who are not a member of one Role/Group can only get to 3 pages. And that users who are not a member of the admin role/group cannot get to the admin page and the admin menu tab does not show. What is the best way to do this – where I may be u...more >>

7. How do I get the number of users logged in (we will limit the number based on a license key)? And how do I set how long they have to be idle before being automatically logged off? Again, this is for both windows authentication and AspNetSqlMembershipProvider. -- thanks - dave david...more >>

5. Are there instructions anywhere on exactly what I need to do (Config settings, file ACLs, sql scripts run, etc) to install & configure my app and SqlServerExpress so it is all working on IIS – both on Windows 2000 and Windows 2003. a. Can I assume it will have the right connectionstrin...more >>

4. Is this the correct & complete Web.Config for the SqlServer membership/role provider: <roleManager enabled="true"/> <authentication mode="Forms"> <forms loginUrl="login.aspx"> </forms> </authentication> <authorization> <deny users="?"/> </authorization> <membership...more >>

3. Is this the correct & complete Web.Config for windows authentication. And is there a way to set this so people enter username instead of domain\username? <roleManager enabled="false"/> <authentication mode="Windows"> </authentication> <identity impersonate="true"/> <authoriza...more >>

1. I assume the two options I should use is Windows authentication if all users are in Active Directory and all users use Internet Explorer. And option 2 is to use the ASP.NET SqlServerExpress standard user/role manager for all other cases? I assume that the ActiveDirectory role manager still ...more >>

This is for a portal we are creating that we will ship to customers. We are trying to keep security as simple as possible and to have 0 or single sign on. All we need is the UserName, UserSID, IsAuthenticated, and IsInRole. I understand that knowing security inside-out is critical. And we are...more >>

Hi, I'm having a strange security problem with an asp.net 2.0 web service I've written to automate our build and deployment process. I get an access denied from a wmi call that attempts to stop a service on a remote machine, but I only get it running in a particular configuration. Otherwi...more >>

Hi; Is http://weblogs.asp.net/scottgu/archive/2006/01/09/434925.aspx still the best way to put admin tools for users & roles in our web app? -- thanks - dave david_at_windward_dot_net http://www.windwardreports.com ...more >>

Hi; We don't want to put the 10M MDF file in our install. I figure it's much better just to run a script to create it on each customer's server. So... 1) How can we programatically create the ASPNETDB.MDF database? 2) How can we programatically create several groups? 3) How can we prog...more >>

Hi; When a customer installs our website which uses the ASP.NET 2.0 SqlExpress role manager, we need to have SqlExpress on their computer. However, we don't want to include it in our installer since most will have it. So... 1) How do we tell if it is installed (so we can prompt them if it ...more >>