Hi. I have a web application here which needs to authorize users only from a particular domain to gain access. I am new to the Security aspect of DotNet. Pls help me out....more >>

I've been combing through Google trying to find the answer but not luck. I'm using Forms authentication. Determining what Roles the current user is in was the easy part. But how does one determine what Roles are permitted to use a particular ASPX page? (.NET 2.0, VS05) ...more >>

I have a CreateUserWizard object on my page with some additional fields: First Name, Last Name, etc, etc. I store all these additional fields in a profile for the user. The problem is if I use Membership.DeleteUser(...) it will delete the user from the User table, but it will not remove the...more >>

I have a CreateUserWizard object on my page with some additional fields: First Name, Last Name, etc, etc. I store all these additional fields in a profile for the user. The problem is if I use Membership.DeleteUser(...) it will delete the user from the User table, but it will not remove the...more >>

My site does not allow anonymous users. After a user has logged in and been authenticated I need to access some information in their profile object. I thought I would do this in the LoggedIn event of the Login object but when that event fires the user is still not authenticated so the profil...more >>

Can anyone recommend generic documentation on how to allow AJAX to work through our firewall? I need help convincing our IT department that our firewall is blocking AJAX from Internet-side clients. Thanks. -- Mike McAllister...more >>

We are experiencing an issue where users who are authenticated and active in an application are not getting redirected to a login screen when the application restarts. Can anyone verify this is by design that there is a disconnect between the application and the forms authentication? TIA ...more >>

On May 23, 11:18 am, "Joe Kaplan" <joseph.e.kap...@removethis.accenture.com> wrote: > When you think about it though, it makes sense. If the certificate was just > transmitted directly back the server, then anyone with the certificate could > pretend to be that client. Since certificates are e...more >>

I had some familiarity with public-private keys at a theoretical level and in the context of SSH and PGP prior to this project, but I had never used them with ASP.NET. I think this problem would have been easier to figure out if the .NET documentation was better. In particular this document co...more >>

I'm building a solution that uses Windows authentication. However, the Windows users that are allowed to login and use the application are defined in a custom user store. If a user is successfully authenticated by Windows, access should be denied to if the user isn't in the custom user store. ...more >>

I am using the ASP.NET 2.0 Login control and have provided a valid URL for the PasswordRecoveryURL property. However when the hyperlink is selected the login page continues to be displayed. The URL I start with at the login page is this: http://localhost:1123/MyBox/Unsecured/Login.aspx?Re...more >>