Hi everyone, So I have a problem that is more difficult that it might seem at first glance. created. Any help/a clever "duh" answer would be great as we've spent more than 8 hours trying to get this working. Please see the following thread for the full details: "How To Add User's GUID T...more >>

Hi I am working on an internal ap.net site and am wanting to assign permissions to users using their AD account to authenticate against, but am not wanting to setup the actual groups within AD. At the moment is it seems that my only answers are ADAM and AzMan. does anyone have any suggestio...more >>

I have a simple login form to authenticate users. A code segment looks like this: search.PropertiesToLoad.Add("cn"); search.PropertiesToLoad.Add("name"); search.PropertiesToLoad.Add("givenname"); search.PropertiesToLoad.Add("sn"); ...more >>

I have a simple login form to authenticate users. A code segment looks like this: search.PropertiesToLoad.Add("cn"); search.PropertiesToLoad.Add("name"); search.PropertiesToLoad.Add("givenname"); search.PropertiesToLoad.Add("sn"); ...more >>

I have a requirement that I need to create a website running on IIS6 that needs to be anonymous access by default with Windows once a "Sign in" button is clicked. I've pondered about this and have come up with a solution, but I just want to check it here to make sure I'm not going to get ca...more >>

Simply put, best practices say to: 1) Put ConnectionString info in to web.config for easier editing (and disallow the need to recompile code if settings change). 2) Encrypt the ConnectionString section using the aspnet_setreg.exe utility. This encrypts the data on the IIS/OS level disal...more >>

Hi, I'm trying ta access a webservice that requires identification by client certificate. Browsing the webservice and console testprogram works fine, but my webapplication gets a 403.7 access denied all the time. I've followed the instructions and imported the certificate with Winhttpcertc...more >>

Have just installed mysql on to my server Does anyone know of a sample test script that will test if asp can connect to a test databse?. I just want to find out if it is working. thanks ...more >>

Please correct me if I am wrong here, When we put the username/password in the Form Authentication Web application, usually the username/password is stored in the cleartext, in the client memory space. So what happen is that in the public computer, a hacker can run a program like Winhex to r...more >>

The main idea of IWA is to have a single sign on capabilities web site and I think it is good if you have a web that cater internal people. A few questions coming out from this implementation 1) How does the C# Windows Authentication work? Does the NTLM handshake only happen in the first reque...more >>

Suppose web.config contains <authentication mode="Windows"/> <identity impersonate="true" userName="XYZ" password="XYZ"/> and the password is wrong. Then if the website is opened in the browser, a message is given that shows the above section on the page. What makes this section app...more >>

I've an IIS6 ASP.NET 2.0 web site (not a virtual directory, a web-site). I've configured the web-site (following directions at http://support.microsoft.com/kb/215383) in the MetaBase to allow NTLM and Negotiate access, and the site itself is using Integrated Windows Authentication and allow...more >>

greetings all, (again blasted newsreader killed my initial epic, email post numero 2) I have a dev box(XP) that I am developing an ASP.NET 2.0 application .. am trying to use membership features .. have set up my local box secured a directory dropped in an ASP:LOGIN web control added some ...more >>

Hi, I am still able to navigate back to secure area even after calling FormsAuthentication.SignOut() on the logoff.aspx I read some place that I need to clear the cookie, expire it etc.. But I am not getting it right. Need examples tutorials etc.. please help. ...more >>

Hi, I'm trying to setup ASP security for the first time and am having some problems. If anybody can help, I would greatlly appretiate it. I setup the aspnetdb and setup users and roles through the ASP.net configuration. I setup a Logincs.aspx page with a Login Web Control. When I go to my ...more >>

Could not get the Visual Studio.Net Professional not running smoothly. and the server 2003 was asking me for connection. above all, i could not integrate both the server and the Visual Studio.Net Professional to running after installation....more >>

I am programming forum. Tech is ASP.NET, C# and SQL Server 2005. I want to see is my site safe, have I made some security problems. Can you try to hack my site untill 10-september-2007.: http://www.search4affiliate.com/Forum.aspx Thanx ...more >>

Here is my issue: 1) This is an ASP.NET 1.1 website hosted on Windows2003 Server 2) SP1 for .NET 1.1 is installed 3) I have the .gif extension mapped in IIS to the 1.1 aspnet_isapi.dll 4) I have an httphandler configured for the website: <add verb="*" path="*.gif" type="myNamespace.myHandl...more >>

Hello, I would like to encrypt configuration sections with "aspnet_regiis" and "-pef" option. This is working fine for most of the sections I'm interested in, for instance <appSettings> and <connectionStrings>. This is not working for the <identity> section. The tool claims that the sectio...more >>

HI, I'm new in LDAP. I want to use LDAP server to do authentication and authorization for our .NET web applications. My question are: 1. Where can I get microsoft LDAP server(service?)? Not ADAM. 2. Can I install it on win XP? 3. Can I install multiple instance of LDAP server on one machine?...more >>

im having some issues with application security and i was wondering if anyone could point me in the direction of some good resources that would explain the different levels of security. the problem im currently having is im trying to make a web app that will pull a file from the client (cli...more >>