|
|
|
June 2004 July 2004 August 2004 September 2004 October 2004 November 2004 December 2004 January 2005 February 2005 March 2005 April 2005 May 2005 June 2005 July 2005 August 2005 September 2005 October 2005 November 2005 December 2005 January 2006 February 2006 March 2006 April 2006 May 2006 June 2006 July 2006 August 2006 September 2006 October 2006 November 2006 December 2006 January 2007 February 2007 March 2007 April 2007 May 2007 June 2007 July 2007 August 2007 September 2007 October 2007 November 2007 |
Filter by week: 1 2 3 4 5 security exception trying to download a file from an ftp server Posted by Caroline at 6/30/2005 1:30:02 PM I get "An unhandled exception of type 'System.UnauthorizedAccessException'
occurred in mscorlib.dll" when I try to download a csv file to my local drive
from an ftp server. I've played around with the .NET Configuration tool and
granted trust to mscorlib. I've granted FileIO write permission...more >>
Get Windows Group Name Posted by Simon Niederberger at 6/30/2005 12:00:00 AM Hi
I need to create a MessageQueue in my C# service (running as SYSTEM). Users
will have no permissions on this queue, so I can't look if messages are
present. When setting MessageQueue.SetPermissions, I have the problem of
knowing the Windows Group Name. I'd like to set Full Control to either...more >>
SSL certificates -- how are they validated? Posted by Rob R. Ainscough at 6/29/2005 4:00:44 PM If I purchase an SSL certificate and install it on my web server, how is it
validated? Anytime anyone communicates with my web server does the SSL go
out to site that issued the SSL certificate to validate it? Or is this just
a one time deal? Also, can certificates be "updated" when a serve...more >>
Running a section of code with admin privileges Posted by JCreasy at 6/28/2005 6:18:02 PM This is rather similar to a post before titled "custom event log". What I
want to do is use EventLog.CreateEventSource() in a remote application that
will not be running admin privileges. I was hoping to find a way to
temporarily allow admin privileges just to do the log event and then resume ...more >>
Decryption, cookies - "Bad Data" Posted by Jose at 6/28/2005 8:59:30 AM Hello all,
We have just moved an application from one server to another. The site
has a "remember me" option whereby the user is not required to enter in
any credentials instead they are read from a cookie.
We have been getting some strange errors:
Error Message: "Bad Data".
Error Stack ...more >>
Windows App user grp question Posted by clsmith66 at 6/27/2005 4:27:01 PM I appologize in advance, but I am relatively new to any security programming.
Is it possible to set up a window app, either in code or in the control
panel to run or access files as a its own user, not under the logged in user,
or do I have to set up the user account in advance and then use i...more >>
ADO.NET security in Windows App? Posted by Rob R. Ainscough at 6/27/2005 4:26:58 PM I've coded a VB.NET windows service that uses ADO.NET to communicate with
both a MS Access database and an MS SQL Server 2000 database. I'm using SQL
Authentication to validate access, but I'm not sure what options I have (if
any) to secure the data transmission/communicate between my Windows...more >>
asp.net client idenification Posted by catweezle2010 at 6/27/2005 5:14:10 AM Hello,
I have to identify the user of an asp.net site by his windows login
name (like environment.currentuser in Access). Till a few days I'm
trying several scripts I've found. For example:
strLogonName =
System.Security.Principal.WindowsIdentity.GetCurrent().Name
But this one displays onl...more >>
Don't see what you're looking for? Search DevelopmentNow.com.
How to encrypt/decrypt Posted by Naga Kiran at 6/26/2005 11:43:33 AM Hi
I want to to encrypt the string i've given in the text box and also have to
decryprt the encrypted string.
can anybody tell me how to do this one in vb.net
its very urgent for me.
Thanx in advance
Kiran
...more >>
Identifying a Machine Posted by NO[at]SPAM at 6/24/2005 1:25:02 PM I am trying to locate a unique machine value using C#, for an authentication
process. Is there a way to find or create this value?
Thanks....more >>
Verifying Signed Files Downloaded via HTTP Posted by DaveW at 6/24/2005 11:40:57 AM I have created a Launcher Application to automatically update files for
my main application before the main application starts. The launcher
checks a XML file on a server to see a list of files/versions that are
associated with the main application and will automatically download
new versions.
...more >>
signing out Posted by JossiesRose at 6/24/2005 1:03:04 AM when i sing out of MSN i get a green tick but still have a red cross next to
microsoft passport why or how do i correct this
--
JossiesRose...more >>
CAPICOM and AES Algorithm.name Posted by tal NO[at]SPAM safecharge.com at 6/23/2005 10:18:04 AM Hello,
I am trying to encrypt a message using the CAPICOM and I want use the
CAPICOM_ENCRYPTION_ALGORITHM_AES value in the Algorithm.name field.
The latest version that is available in Microsoft download center
(http://msdn.microsoft.com/downloads/) is cc21inst.exe and it doesn't
support th...more >>
custom event log Posted by
Hi
Has anyone successfully created a custom event log from asp.net / simply
editing the Reg?! Can you share how, please?!
TIA
--
...more >>
Asbolute ReturnUrl in asp.net 1.1 Posted by mgutty at 6/22/2005 1:53:04 PM I have two servers. A login server y other server, i'm using a "cookie shared
" (both
servers with the same machine key)
my problem is:
when not authenticate user try to access server2 this user is redirect to
server1 (login server) but with RELATIVE url of the server2 ("ReturnUrl" in
url...more >>
IsInRole vs Demand Posted by Martin.McDonald NO[at]SPAM us.logicalis.com at 6/22/2005 12:24:28 PM Hello, I'm trying to determine the difference between using
IPrincipal.IsInRole and PrincipalPermission.Demand. About the only
thing I can think of is that "Demand" allows a bit more flexibility
because it's constructor allows name/role, name/null, null/role. Plus,
it allows for the Union of m...more >>
.NET SSL Client creation with Mentalis.org libraries Posted by zachg99 NO[at]SPAM gmail.com at 6/22/2005 10:20:16 AM Ok, I'm sure I'm doing something wrong, i just dont know what. I'm
attemting to create a test client that connects to an existing ssl
server that runs on a socket on an unix server. It uses ssl to encrypt
the connections so I need such functionality in .NET C#.
I'm watching the log file whic...more >>
Graphics.GetHdc causes InvalidOperationException Posted by Richard Morris at 6/22/2005 9:28:42 AM I have a trivial control descendant that simply handles it's onPaint event
to paint itself with "Hello World". I have dropped that on an app and it
runs as expected.
Now if I embed that as an object on an HTML page, I get an error
"System.InvalidOperationException: The object is currently ...more >>
My_Computer_Zone: why full thrust? Posted by Claus Konrad at 6/21/2005 11:54:34 PM Hi
I'm just curious as to why the default settings in .NET is Full Thrust to
the zone: My_Computer_Zone?
I mean - this is equavelent to skip verification, right?
/C
...more >>
Disassemble EXE? Posted by Sean at 6/21/2005 7:48:04 PM I have an application I made and I would like to be able to send it to
possible employers as an example of my work so the file will be going to very
software savy people.
VS.net creates an EXE of your application as we all know.
I can give it a strong name with sn.exe
Is this good enough...more >>
local SMTP or Not for .NET application? Posted by Shannon Clyde at 6/21/2005 2:44:02 PM We have an existing SMTP server running GroupWise where we wish to
consolidate email delivery for users and applications.
What is the best way to send mail from within a .NET application via this
external (to the Web server) SMTP server?
SMTP + relay + auth in an IPSEC tunnel to connect to...more >>
Digital Signing Posted by Yogesh S at 6/21/2005 12:35:09 PM experimenting with crytography classes.. particlarly digital signing and
verificatino feature.. even though in .NET 1.1 there is no direct way to
derive RSA from X509Certificate class.. so i installed WSE 2.0 SP3 which
provides this feature out-of-box.. but the problem is verification of
sig...more >>
Impersonation in Windows 2000/NT. Posted by Senthamarai at 6/20/2005 2:11:03 PM My program needs to access different network shares from different computers.
One hidden user has permission to the network shared. Whenever the
application needs to access any data from network shared, it has to
impersonate the hidden user and then rever it back to the logged in user.
I ...more >>
Security problems using XP SP2 Posted by Paul Woodman at 6/20/2005 12:00:00 AM I've got a service running as Local System account that calls
CreateProcessWithLogonW to run a script as a certain administrator account.
Like so:
STARTUPINFOW si;
PROCESS_INFORMATION pi;
ZeroMemory( &si, sizeof(si) );
si.cb = sizeof(si);
ZeroMemory( &pi, sizeof(pi) );
CreateProcessWithL...more >>
CAS and Office Development. Posted by Scott Gauthier at 6/17/2005 4:55:49 PM I have been trying, unsuccessfully, to get an Excel Microsoft Office System
Project to run on my computer for the past couple of days, each time I try I
get the wonderful "The current .NET security policy does not permit <Project
Name> to run from folder <folder name>..."
the first thing I ...more >>
ImportCspBlob ? Posted by William Stacey [MVP] at 6/17/2005 11:57:06 AM With a signed assem, how come this does not work? What would?
private void button25_Click(object sender, EventArgs e)
{
byte[] pubkey =
Assembly.GetExecutingAssembly().GetName().GetPublicKey();;
RSACryptoServiceProvider r = new RSACryptoServiceProvider(...more >>
Application security Posted by Andy at 6/17/2005 6:43:22 AM Hi all,
I'm pretty sure this is possible, but not sure how to do it.
I created a key pair for signing all assemblies / applications that we
write internally. Ideally, I'd like to set at our domain controller
that any assembly signed with this keypair be given full trust.
Anyone have an i...more >>
reference for .net security Posted by Wendy Elizabeth at 6/16/2005 2:34:08 PM I am working on web applications that are written in classic asp (vbscript)
that will be communicating will com objects written in vb.net. I am wondering
if there is a reference and/or a checklist of security features that should
be considered in these type of applicaitons?
Let me know.
...more >>
Authentication? Forms without Anynymous access Posted by Paul at 6/16/2005 2:00:08 PM Hi I have a .net web application using .net framework 1.1 and am using forms
authentication (<authentication mode = "Forms">) in web. config file. So
have a form that inputs user name and password and compares this with a table
in a dbase. I plan on moving this to a server where they do not ...more >>
UNC and Windows Service Posted by Soroush M via DotNetMonster.com at 6/16/2005 11:49:00 AM Hi,
I am getting the following error while trying to File.Copy a file from the
local machine to a network share using UNC.
"System.IO.IOException: Logon failure: unknown user name or bad password."
This error only occurs when running as a Windows service. I have created a
test app to per...more >>
PrincipalPermission trouble Posted by Viorel Ghilas at 6/16/2005 11:00:45 AM Hi all,
I have a library that have methods protected with PrincipalPermission, for
ex.
[PrincipalPermission(SecurityAction.LinkDemand, Role="DBAdmin")]
public Guid GetAdminId() {
return new Guid("{BCA26163-E488-4ce8-BF6B-597EB0BE388F}");
}
and I have a web app that create an user with...more >>
Another AllowPartiallyTrustedCallers Question Posted by jadams at 6/15/2005 1:04:53 PM Hello,
I'm sure this is a common question so please forgive me if I'm
irritating anyone with it but I've not been having good luck finding a
'dumbed down' answer for this.
I've been looking around the net and found the attribute <Assembly:
AllowPartiallyTrustedCallers()> is supposed to solv...more >>
FormsAuthentication and credential swapping Posted by baylor at 6/15/2005 8:53:03 AM i don't fully know what's going on so i apologize if my question is a bit vague
Background
We use FormsAuthentication. Each user has a SecurityProfile that contains
(and implements) IPrincipal plus some other data we need, including the
person's name and their manager's name. All pages inher...more >>
Construcing NetworkCredential from WindowsIdentity? Posted by Claus Konrad at 6/14/2005 7:01:39 PM Hi
Is there any way of getting from a WindowsIdentity (or WindowsPrincipal)
into a NetworkCredential?
I'm forced to authenticate myself towards an second server within my
network, but unfortunately this only accepts Username/password (forms) or
ICredentials (aka. networkcredentials).
I'...more >>
Role Based Security and Principal Permission Posted by vishal at 6/14/2005 4:07:02 PM I am using imperative role based security for my application.
The PrincipalPermission object only takes string as the role,whereas in my
application I have 5 roles assigned to one button and I need to check whether
whether the current principal object has one of those role.
How do I do it?
I ...more >>
Getting the domain name of the current server Posted by Ron L at 6/14/2005 10:05:57 AM I have an application I am developing which is using remoting to have a
smart client connect to a remote database via IIS. There are certain
functions that we only want the user to be able to access if they are
members of a certain group on the server. When the application is deployed,
the...more >>
CAS, Win32 and COM Posted by chiba at 6/14/2005 7:29:08 AM Hi,
Is it possible to restrict only Win32 API calls and allow COM calls using
Code Access Security?
The Security Permission for Unmanaged Code doesn´t make distinction between
them.
Thanks,
Chiba
...more >>
How to NOT use an IV for TripleDes encryption? Posted by Faisal Yaqoob at 6/14/2005 1:39:08 AM I need some information related to DotNet's IV in
TripleDesCryptoServiceProvider class. My company requires me to write a
client application that uses TripleDes encryption to communicate with a
server. The server is written in Java.
According to the information provided to me by the server...more >>
signcode.exe prevent popup? (X509 SPC) Posted by Claus Konrad at 6/14/2005 12:22:58 AM Hi
When signing an assembly with an X509 Certificate, the signcode application
always prompts you for the private key password to verify you know that.
I would like to automate this process so that my assemblies are signed
automatically after each nightly build. How is that possible?
/C...more >>
Using an updated or newer assembly? Posted by Jeff at 6/13/2005 2:17:02 PM We have a C# Winform application that depends on three or four assemblies.
In one of the assemblies, we changed one line of 'hard coded' data to some
other data. Nothing else was changed just something like:
string temp = "fred";
to:
string temp = "george";
We re-compiled the assembly/...more >>
crypto newbie question about hashing in .NET Posted by Tyson Kamp at 6/13/2005 12:53:01 PM Hi,
I want to start storing hashed strings (passwords) with .NET using one of
the provided crypto providers. My question is (and I hope it makes sense as
I'm pretty green to cryptography) if I need to verify passwords from JAVA
apps, it seems that their MAC object (message authenticator c...more >>
Password Hash Gives Different Results In C# And Classic ASP - Help !!! Posted by Fresh_Air_Rider NO[at]SPAM Hotmail.com at 6/13/2005 12:24:23 PM Hi
I have a website written in Classic ASP which creates user accounts and
hashes passwords using CAPICOM and a C# website which also creates user
account but hashes passwords using
FormsAuthentication.HashPasswordForStoringInConfigFile.
The problem is that because each system produces tota...more >>
ASPNET_SETREG.exe Posted by David at 6/13/2005 7:48:03 AM All,
Within out development environment all developers are developing as non
admins. We are all storing our aspnet impersonation credentials within the
registry via aspnet_setreg.exe. I was wondering if it is possible to
generate the password on the fly as our domain account passwords expir...more >>
NTFS ACLs from C# (Whidbey) Posted by Mark A. Richman at 6/12/2005 2:51:46 PM I'm using the new System.Security.AccessControl stuff in 2.0.
This is a snippet typical of what I've done (this example sets Read =
access for Network Service on 'myFolder' and all subfolders and files)
SecurityIdentifier siNetworkService =3D new =
SecurityIdentifier(WellKnownSidType.Network...more >>
ASP.NET Authuntication & Authorization Posted by ADITYA CHS at 6/12/2005 7:23:02 AM Hi,
Please help me. I would like to know how to add more than one web.config
file to an ASP.NET APPLICATION/PROJECT
I want this 'coz in my web site some pages need no authuntication and
authorization.anonymous users are allowed access some pages.but they are
restricted to view some pages w...more >>
Authentication, Remoting, and Database Access problem Posted by Ron L at 6/10/2005 8:48:11 AM I am trying to setup a solution that will include a client which will access
a database via remoting calls. I am hosting my remoting project in IIS, and
am using Windows Integrated security. Since some of my users will be coming
in through the web (from non-trusted domains) to log into their...more >>
Appdomain.CreateDomain throws SecurityException Posted by Praisy at 6/10/2005 2:03:06 AM Hi,
The following exception occured when I tried to create an appdomain.
"System.Security.SecurityException: Request for the permission of type
'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
at System.Ap...more >>
Sharing login across applications Posted by Geoff at 6/9/2005 2:06:37 PM We have two applications hosted on the same web server. The authentication
section of the web.config file is the same in each; it is
<authentication mode="Forms">
<forms name=".MyCookie" loginUrl="Login.aspx" protection="All"
timeout="180" path="/"/>
</authentication>
There is a link bet...more >>
policy files and .Net Configuration tool? Posted by Christian G. at 6/9/2005 7:10:12 AM Code Access Security:
Can anybody tell me the different in using â€policy files†referenced in the
web.config file and setting up security in the “.Net Configuration tool†?
Thanks in advance!
Christian
...more >>
Help with CryptoStream and incomplete files... Posted by MattP at 6/9/2005 12:00:00 AM Ok, with the help of some examples found on the web and some minor
modifications on our own, we have a simple and working encrypt and
decrypt solution. It runs as a service, watches for files with a
specific extension in a specific directory. The files are uploaded by
FTP to this directory. T...more >>
|
| home · blog · groups | Questions? Comments? Contact the dn |