I'm curious to know if sensitive data I store in, for example, the HttpApplicationState, is safe from being obtained by non-authorised users? If it is not safe, how does one go about accessing the information? Mini-dump to examine stacks and heaps etc? Basically I use the registry to stor...more >>

Hi I have created a component in .NET to use in a classic ASP application on an intranet. It should use the Windows authentication and WindowsPrincipal.IsInRole() method to check which groups the user belongs to: .... AppDomain ad = Thread.GetDomain(); ad.SetPrincipalPolicy(PrincipalPolic...more >>

Hi, I need some info after strange behavior from .Net Framework security update... I developed an activeX in C# (ie: a dll) and I need now to allow this activeX to run on the client computers without any manual action (such as configure the .Net framework policy). I create an exe file whic...more >>

I've got a few posts that are all related but I've gotten a little farther and figured I should make a new post. I am writting a VB dotNet program that has to restart the PC halfway through. In order to ensure it restarts with the same userid and password I have to setup the following re...more >>

Kikoo, Je cherche un exemple de code de service windows qui utilise un Certificat X509, sans avoir besoin de se logger dans windows. Je me galère avec l'API Crypt32. Merci. Hello, I'm looking for a code sample in for a windows service which use a X509 Certificate without login on ...more >>

Hi I'm testing a vb.net console application that's kicked off by a scheduled basis on hourly basis. I'm using Enterprise Library mainly for Data access & logging. I have recompiled the source code leaving out instrumentation functionality as it's creating quite a few security violations. T...more >>

Hi friends I am trying to modify a file on my computer but I get an error which says the following. "System.UnauthorizedAccessException: Access to the path. I also tried FileIOPermission FileIOPermission fio = new FileIOPermission(FileIOPermissionAccess.AllAccess, paramMP3.fileComplete); ...more >>

Hi all. When using WebRequest.Create("https://...") Is the communication secured? Also, when using Msxml2.XMLHTTP.3.0 open method with https protocol in the url, is the communication secured? The second question is not dot net related, but if you know the answer, I'll appreciate it. Thanks. ...more >>

In windows 2000, we can map file extention ".mdb" to 404.dll (which IIS lockdown installed) to protect microscodt access databases from direct access by client. In Windows 2003 server, the above method do not work. In fact we can't register 404.dll at all. In Machine.Config, we add <add ...more >>

I have several clients that are entering into situations where credit card information is flowing through their system. So from a public web server, a person enters their credit card information, the information must flow to an application server (possibly even through BizTalk) and then onto e...more >>

Hello, I am hosting a user contol from a project of type windows control library inside an asp.net page (using the object tag). This control communicates with a Web service. I am able to get it working only if: A) I create a custom code group with the 3 permissions: Web Access, Security,...more >>

Are they any common reasons why the credentials object returned from = CredentialCache.DefaultCredentials would be empty - use name and = password are the empty string? I am writing an Office Add-In and this = call is not retrieving the user's login as specified in the = documentation. Tha...more >>

Hello folks, I've integrated my ASP.NET website with a portal on web. My website opens in a frame provided by the web portal. The portal uses https protocol. Now when i open my website IE displays a security warning saying "This page contains both secure and un-secure items. Do you want to ...more >>

I'm trying to setup an automatic logon process. I've gotten this to work in VB.Net and setting the necessary registry entries. However I don't want the password to appear in the registry and was told in another post that I should use LsaStorePrivateData (http://msdn.microsoft.com/library/d...more >>

Hi, I am facing some problem using ADS Single On to program from ASP .Net pages. The scenario is: User has logged onto Windows using AD profile. My asp .net application, while launched, needs to know the profile already logged in and use the credential for rest part of my application. ...more >>