Hello everybody, here is my question: We are using windows authentication and an Active Directory membership provider so our users don't have to login to the site. This works great, but now we need the ability to login as another user. I have tried simply adding a login control to a test page;...more >>

as we know The .NET Framework runs all ASP.NET processes under the local ASPNET account. is there anyw ay that I can change the user and instead of a local user use a Domain user ? thnx Mahmoudreza ...more >>

I have developing a web service that need to access files on Program Files folder. I used write the tab <identity impersonate="true"/> in the web.config file for the files outside the webservice folder can be accessed with a user right correctly. The problem is that if I use credentials of ...more >>

Hi All, I create an intranet web application using asp.net 2.0. I set the authentication mode="Windows" in the web.config, and set IIS as NT Authentication and uncheck the anonymous login box. If I run on my local machine, the NT Windows dialog box login will not popup, but I still get the ...more >>

I am trying to run an exe from my .net 2 website but I cannot get even simple code to work outside of Visual studio debug very simple example (but my exe behaves the same) Dim myprocess As New Process myprocess.StartInfo.FileName = ("Notepad.exe") myprocess.Start...more >>

Greetings, all. I am developing a windows forms intranet app that uses AD for authentication and access control. There are some application settings, however, that I'd like to persist, along the lines of aspnet's personalization paradigm. Since this as a smart client app, and the users may...more >>

I get the error message: Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection. in my ASP.NET CLR 2 website. I am using Forms authentication, is this the cause? Shouldn't there be a default user? Other info: SQL Server 7 aspnetdb Thanks...more >>

Hi All, I have a file system watcher on a remote machine. When people create files/folders on the remote machine I need to see which user was responsible. As there are a number of users who are admins often when a file is created the following code shows BUILTIN\Administrators FileSecurity acl...more >>

We have a website in which we will have an SSL component for order processing. We just found out that we will have a hardware SSL accelerator card within the network architecture. From what we understand, the card will TX/RX to the webfarm via port 80 for all traffic. This is new for us and ...more >>

Hi everybody, How exactly do you Encrypt and Decrypt, using Cryptography, ConnectionString inside web.config programmatically in .Net Framework 1.0 and 1.1? Please provide codes. Thanks. den2005 -- MCP Year 2005, Philippines...more >>

Hi, I've been searching the web and google for a while now, and can't find how to do exactly what I want to do. I'm sorry if this has been answered before, I just cant find it. My idea is to have a folder /root/public/secure which has a web.config file in it like so <authorization> ...more >>

I'm not too familiar with writing regexes. Does anyone have a regex handy that mirrors the default complexity requirements for AD. I know there are a few additional reasons a password change could fail, but I'm hoping to at least save the trouble of trying to change the password for some of ...more >>

HI Gurus, I am trying to build a web part in asp.net 1.1 using VS.Net 2003. I am using this web part on a sharepoint server hosted on a remote server. I am trying to loginto a sql server 2000 machine , again on a third machine. The issue I am facing is that of "Double hop". I ahve gone through...more >>

I want to sign an user-unique cabinet file. So each time I must resign the cabinet before it is downloaded by the user. I am trying to spawn a process that calls Signtool.exe with the arguments being: sign /f newcert.pfx /p password /v mycab.cab Starting the process yields a standard err...more >>

Dears, I've a website that connects to a SQL Server 2005 database on another machine with integrated security = SSPI when i try to connect to the database i recieve this error :: :Cannot open database "Database_name" requested by the login. The login failed. Login failed for user 'NT AUT...more >>

I am working on the login portion of an internet web app in asp.net 2.0 amd am using the login control, loginview control, etc. Everything was looking ok until all of a sudden the test user passwords I set up were changed. I was testing invalid logins and having the id and pw emailed to the ...more >>

Hi, What do I have to do (other than reboot my PC) to get ASP.Net rolemanager to recognise changes in role/group membership? The group who's membership I am changing, is on my local PC. I've tried restarting my web app, stopping the ASP.Net Development Server. NB I'm not caching the role...more >>

Hello, I am trying to get the UserID from the aspnet_users from aspnetdb database with the below code snippet. Protected Sub Login1_LoggedIn(ByVal sender As Object, ByVal e As System.EventArgs) Handles Login1.LoggedIn Dim UserID As String = String.Empty Dim ManufacturerID As...more >>

For asp.net applications: 1) when asp.net impersonation is not set, authentication by IIS happens first (if anonymous access is enabled then identity is the IUSR_ account), but any resource access (read/write for files etc) is done by the asp.net process account (the IIS application pool proc...more >>

Hi, I'm attempting to extend IIdentity to enable me to have more information on the user (email etc) and store it in a cookie. I assume I am extending the correct object (but if not shout up). Anyhow I've had a good stab at this, but I don't appear to get my extended identity back out of th...more >>

Hi All, I'm using forms authentication. Opening any page would lead to the login page if the user is not currently logged in. This is fine. But I would like certain public pages to be displayed irrespective of whether the user has logged in or not. Is there a way to stop the authentication mec...more >>

Hi, I need to cover by custom authentication algorithm both ASP.NET and other resources within the site. FormsAuthentication covers only resources beeing handled by ASP.NET. Other generic resources can be retrieved without beeing logged on. I'm trying to configure the site to handle all r...more >>

Does anyone know if the source for the AD membership provider that ships as part of .NET 2.0 has been released? I remember they released the source for the SqlMembershipProvider but I can't find anywhere if the AD one is available. I'd like to make some customizations, and I'd rather not hav...more >>

Hi; I just built a Windows 2003 server, installed IIS and Sql Server, ran "aspnet_regis -i" and "aspnet_regsql.exe -S localhost -E -A all -d WindwardPortalMembership", copied my ASP.NET app over, in IIS properties clicked the Create button to mark it as an application. The login page com...more >>

Hi; It seems to me that you log in/out of a session. But it seems that these events are tied to the Login and LoginStatus controls - is that correct? -- thanks - dave david_at_windward_dot_net http://www.windwardreports.com ...more >>

Hi, We have developed a project in .net. Now our customer is asking when ever we open a email (that is sent from our application ) we need to insert a record in a database table. When user reads the email we need to insert a record in the database.How can we fire the db method when us...more >>

Is there any way to change the authentication mode of a web app during startup, say in the globl.asax.cs file? (if you are using c# of course). I have a situation where in some cases I need to use forms authentication and sometimes I need windows authentication. They both work fine stand-alo...more >>

Hello, I do not have much expertise in the security area, especially when it comes to Windows Authentication. We have a Win 2003 server that runs the ASP.NET 2.0 Web application. I have a simple page that needs to access the directory info on a remote server and if the directory does not ...more >>

Using the Website...ASP Configuration tool, when I try to do anything in "Security" I get the following error. Using Forms ID and a CreateuserWizard, I am able to creat users through my websote, but not on the Admin website. Error: An error was encountered. Please return to the previous pa...more >>

I am using form authentication in a website. I have images on my Login.aspx page which is registered as my loginUrl. However the images that are supposed to show up on the Login.aspx page are blocked. Is there a way that I can specify that the images should not be blocked? Thanks ...more >>

Hi guys, I posted this question first in the wrong newsgroup (.net.security), but this is an asp.net question (i guess). Sorry ... I am developing a web application. When I try to connect to an Analysis Services 2005 server everything works fine. When I try to connect to an Analysis Se...more >>

Hi All, I am developing using ASP.NET using VB on .NET framework 1.1. I have an application that uses forms based authentication. When the session times out and sends the user back to the login page, I see that it populates a return_url value and adds it to the url. Such that when the user...more >>

Hi I have a few questions about Admin Console in ASP 2.0 1. When I create user thought console is save him to aspnetdb file in app_data folder. When I public web site do I have to copy on web server that folder and that two files .mdf and .log? 2. How can I add extra fields when creating new u...more >>

Hi there, I am having trouble getting an ASP.NET web application to connect to another computer and passing the proper credentials and I hope someone can help me. I have a stand-alone Windows 2003 Server, ServerA, running as a Web Server that uses ASP.NET. The default.aspx file tries to acce...more >>

I've got a website where I am using 2.0 Membership services. I am using the SqlMembershipProvider to store information about my users and their membership to my site. What I would like to do, though, is allow domain users within my network (i.e. Windows authentication) to access the site with...more >>

Is there a membership provider for the sam database on a Windows 2003 server in the workgroup configuration. (No Active Directory). The out of the box providers seem to be only for SQL and Active directory. Thank you, Jerry -- Jerry ...more >>

Hi, I want to use the AuthorizationStoreRoleProvider class using my own code but NOT to authenticate and authorize the users in my current web application, only to manage some security part of my active directory. In my web.config, I have added some configuration information (like the co...more >>

Hello, I have .aspx page which has a dropdown. The Dropdown has 10 values. Now If I say Select 10th Value at client Side , submit the form and Intercept the Form by using an Intercepting proxy (BURP PROXY). Now if I change the corresponding passed value of dropdown to an invalid va...more >>

I have a web service that uses an access database. On the local machine it works fine but if i try to open the real database on the server it says the path is not valid. For local access is us a user for the local box but for the server access it use impersonation of a domain user with acce...more >>

Dear friends i have made a web application by using ASP.Net 2003. We use it in our compnay. Now i want to sale this application to another company also. Currently all files including .vb,.rpt,.xsd,.resx,.aspx are in WWWRoot folder in my server. I am very worry about my application source beca...more >>

I am planning on using Windows authentication for a web page. I've added these lines to my web.config file: <identity impersonate="true"/> <authentication mode="Windows" /> And I can view the name with: void Page_Load(object sender, EventArgs e) { if(User.Identity.IsAuthenticated ) {...more >>

Hi, I am using Forms Authentication on a web site running from my local machine. This works fine in IE, but when I try to view the same site with Firefox, I am prompted for a username and password. I've noticed that this also happens when another user tries to access the site from their mac...more >>

I am not able to run the Asp.Net Configuration tool from inside of a VS 2005 website(I have VSTO 2005) What happens is the page goes flying by me and returns to the VS 2005 design page I was on. I was however able to eye ball the URL of the application as it flew by me to get the port numbe...more >>

Hi I'm trying to populate a dropdown list on a page, with the result from an AJAX request, however, because my dropdown is runat="server" I get a security error when posting back my page. I guess that makes sence since a hacker could attemt to compromise the webserver this way, however in ...more >>

I have a strange problem, for months now we have had a dotnet 2.0 application (previously 1.1 but now upgraded) running on a 2003 server without issue. A recent small change was made to the sites underlying code and tested on the development platform of Windows XP, migrated to the QA platform ...more >>

i am trying to impersanate a remote user on a workgroup(NOT Domain) account. This does not seem to work. Only works for domain or local user. Anyone have any ideas. Thanks Dim tempWindowsIdentity As WindowsIdentity Dim token As IntPtr = IntPtr.Zero Dim tokenDuplicate As ...more >>

I have an application with some subfolders that i am trying to protect. When i configure the web.config to secure that folder, i get the dreaded, "It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual ...more >>

Dear friends i have made a web application by using ASP.Net 2003. We use it in our compnay. Now i want to sale this application to another company also. Currently all files including .vb,.rpt,.xsd,.resx,.aspx are in WWWRoot folder in my server. I am very worry about my application source bec...more >>

Hello, I am currently working on a app to remotely (from a windows xp environment) retrieve a list of websites/virtualdirectories on a windows 2003 server. However, it keeps giving me an access denied on the following piece of code: Me._W3Root = New DirectoryEntry("IIS://" & Me.txtServer....more >>