Does anybody know how I can programatically force ASP.NET to issue a brand new sessionID to an end user. The primary challenge I'm looking to overcome is getting this done in one response request: 1. Client issues an HTTP request (sending in sessionID via cookie) 2. Server recieves request,...more >>

Hi, I have the login page that is inherited from the master page. When forms authentication is enabled the login page do not display the layout content of the master page. When the forms authentication is disabled the login page perfectly displays the content of the master page. What can...more >>

Does anyone know how to open a range of ports (instead of entering the ports one-by-one) using the Windows Firewall on a 2003 server? ...more >>

I have created a new Directory from my C# application. Here's how I set users permission : DirectoryInfo di = Directory.CreateDirectory(sPath); DirectorySecurity dSecurity = di.GetAccessControl(); // Add the FileSystemAccessRule to the security settings. dSecurity.AddAccessRule(new FileSyst...more >>

Hi, I'm working on the authorization subproject of our framework, and defined a class that derived from CodeAccessSecurityAttribute. One of its named parameters is of type System.Type (actually, it should've been a required constructor parameter, but CodeAccessSecurityAttribute doesn't wo...more >>

Hi, I am using the LogonUser method to authenticate ad users, and it normally works with no problems. But now I am trying to authenticate users across domains and there it fails. If I open a folder on a machine on the other domain using the ip address, it prompt me for credentials and it...more >>

Hello, I'm using windows service using LocalSystem account to connect to MSSQL database on other server. I'm connecting using SqlConnection class and connection string "Integrated Security=SSPI; .... I get SqlException: Logon failed for user 'NT AUTHORITY\ANONYMOUS LOGON' I expected that c...more >>

Dear all, I am studying security topic for my next exam and I am actually face to a topic about securing ASP application. In that part is explain that you can secure your application either from IIS or from your config file but it is recommand to do it on both side.Good Then a brief topi...more >>

Greetings, I'm new to this group so forgive me if I'm hitting on a frequent topic. I am creating a Windows application. I want to be able to control access to the FCL via some kind of policy for the Plugins of the application. In particular, I want to be able to restrict the ability for ...more >>

Hi, I want to open a project that is on a network share with Visual Studio, when I open it VS tells me that the project location is not trusted, that is it does not have full trust to execute, and this is good, since executing a project from a network could be a dangerous operation, but in my ...more >>

I am trying to redirect a user to error page and display an error message saying they do not have the proper credentials to access the applications in vb.net. How do i do this at application level or website level. I want to read the roles/group specified in web.config file and display it back...more >>

Open Security File Warning - Publisher not verifiied User is SYSTEM runing a service with interactive checked off. I keep getting the Open Security File Warning - Publisher not verifiied message when the service tries to launch an .EXE file which it does as part of a queue fed service. si...more >>

This is a .NET example for signing a message: C# // The dataToSign byte array holds the data to be signed. ContentInfo contentInfo = new ContentInfo(dataToSign); // Create a new, nondetached SignedCms message. SignedCms signedCms = new SignedCms(contentInfo); // Sign the message. sign...more >>

Can anyone please help me directing me how to do this. I am trying to write a generic 401 error handler written in .net 1.1 which will fire when a user gets denied access to a .net application. This error handler page would detect the page/virtual application where the error occurred, check...more >>

Is it possible to create a *Windows service* that could make logon to desktop/console (instead of manual user logon-entering username and password)...something like Remote Desktop does when someone connects via RDP, but on local console? I don't want to autologon when starting Windows, but ...more >>

I want to access a remote service using creds obtained via protocol transition. I get the s4u user creds fine (WindowsIndentity("joe", "Kerberos")) I impersonate the I call AcquireCredentialsHandle (becuase I want to do InitSecContext next) The Call fails with 80090305 - unknown security packa...more >>

I'm being asked to automate our installation process in order to prevent as many user errors as possible. I am looking to see if I can use the .NET framework to >>> create <<< a X.509 certificate or do I have to shell out to makecert.exe? The resulting file would be sent out to a verificat...more >>

I have a situation which requires me to create a directory on two different shares. The windows share is easy (using LogonUser()), but I'm trying to figure out a way to create a directory on a remote SGI Origin machine through AFP. To make it more difficult, the credentials for the machine are...more >>

On Windows using VB.net I am using RijndaelManaged alogrithm in ECB mode to decrypt the data that is sent from a 'C ' application which is running on Linux and it is using the same alogrithm (rijndael-128 with ecb mode) and the encryption keys are same on both the sides . Am using ciph...more >>