I have some security concerns over storing a Active Directory username/ passwd in a text based web.config file for the identity impersonation definition. I know that web.conf is not accessible via the web browser, however someone with account on the server can get to the file and steal the cr...more >>

Hi I’m trying to enumerate the certificates located in “Computer Account\Personal\Certificates” and “Computer Account\Trusted Root Certification Authorities\Certificates”. Anyone know how to do this? i'm trying using CertOpenSystemStore, but cant figure out how to open "Computer ...more >>

I'm developing a new .Net 2.0 app for one of my corporate clients. What I've done for them in the past is provide role-based security in their VB6 apps. I'm considering having task-level security in the new apps, now that they are on Active Directory, and possibly using Authorization Manager. ...more >>

I am writing a smart client application that will be used both within my company as well as outside of my company. For the users within my company I want to be able to authenticate users by using their Windows accounts, but for users outside my company I will have no option but to use Usern...more >>

I have a service that starts a thread which waits for a global EventWaitHandle to be set, writes to the application event log, and waits for the next set. I have a simple windows forms application with a button that sets the event on button click. My service never receives the event o...more >>

Hello, My application performs several HTTPS requests (potentially concurrent) to different web sites In order to handle any error linked to certificate checking, Im setting up a callback function as follows : *************************** ServicePointManager.ServerCertificateValidationCal...more >>

Hi, The following code doesn't work for mapped drives: using System; using System.Text; using System.Threading; using System.Security.AccessControl; using System.Security.Principal; using System.IO; namespace ConsoleApplication1 { class Program { static void Main(string...more >>

Hello ! I develop an .NET C# 2.0 test application witch requires SecurityPermission for accept unmanaged calls. >> If I Execute this application from c:\ ... Application work fines ! ok >> ... with mscorcfg.msc application : >> If I change the association between code group "My Compu...more >>

I want to enumerate through the running processes on the system and determine if the process is running with a higher security token then the current user, that is, which are the more privileged processes then the executing one - how can accomplish this? TIA ...more >>

Hi Is there any tools within .NET Framework for generating MachineKey in ASP.NET (both 1.0 and 2.0)? If not, using third party site is the only way or what is the best method of generating the key. Can anybody help me in this at the earliest :( Regards Pradeep...more >>

I am logged on to a computer on a wireless network I am on my user ID Can anyone else on the network log on to my session?? As my children are now using thier computers I dont want to put blocks on certain sites but dont want them looking at what myself and wife my be looking at or even plann...more >>

Hi! My question is - System.Security.Cryptography.Xml operate with ds: prefix in SignedInfo? If yes - please show me the way how create and validate xml signature with this prefix, using net 2.0 and c# visual studio 2005. I try many other ways generate signature SignedInfo element with prefix ...more >>

Hi, I'm using vs2005, .net 2.0 on win2k server. Here I'm searching for a Computer object in AD using the sid that I translate to octet string format for use with DirectorySearcher but it's not finding it. But I see it using the ldp.exe. Is there someting wrong with my filter or is the pr...more >>

Hello, I have a problem on an application I am developing: This C# Windows Application calls a C# Web Service, which it uses the SourceSafeTypeLib DLL to interact with Visual Source Safe 6. The problem comes out when I call the VSS method "Get(ref string Local, int flags)", which should g...more >>

Hi I have developed a web application (ASP.NET 2.0 - C#) which uses a COM dll (Delphi 7) to carry out some server side operations. The COM dll internally creates some threads to connect to some asynchronous APIs which are proprietary APIs of our organization. The COM dll has following two m...more >>

Hi all. I want to encrypt simple text with MY Private Key so the recipient can decrypt it with MY Public Key. But I get a 'Bad Key' exception when I try it. Conflicting info on the web and in articles suggests you cannot do this due to (export) restrictions in the .NET API and that you can...more >>

How do you protect your application code in C#.net. ...more >>

Guys, I have a small class in a web app that encrypts and decrypts values using the RSACryptoServiceProvider class, using the machine key store. The code works fine and I am able to encrypt/decrypt information fine in my application. However, the encrypted information is being stored in ...more >>

The hosting service I am currently using allows the following Code Access Security permissions. 1. DnsPermission to perform DNS queries 2. FileIOPermission to read and write files within application directory. 3. ReflectionPermission to reflect public members of a type, with "NoFlags" 4. Sec...more >>

Hello, We have an no touch deployment application hosted on a webserver and invoked via a link like http://myserver/myprogram.exe This requires that the user have myserver in the list of trusted sites and this site to have elevated permissions. This has been working well for some time now,...more >>

Hi, I am trying to debug some old code that has this line in it: WindowsPrincipal winPrn = new WindowsPrincipal(WindowsIdentity.GetCurrent()); When I run this line (which I believe should be doing nothing more than indicating who I am), I get the following error: "An unhandled exceptio...more >>

Hi, When i'm using the SSLSteam class, and i want to do a Client authentication, must my client certificate be stored in the current user's "MY" store ? Can i load this client certificate from a file using X509Certificate.CreateFromCertFile(MyCertFile) ? Thanks in advance, Victor ...more >>

Hello, I have written a small application (A) that connects to a web site through SSL, sends a request and receives a response. This application works fine. In particular, the SSL handshake takes less than 0.20 sec. If I use the exact same piece of code inside a very simple Windows service ...more >>

I have been trying to figure out if .net 2.0 now provides a way to do the Diffie-Hellman key exchange over asyncronous sockets. I have been unable to determine if this is now possible. If not, I could the class from Mentalis. If anyone has any information, that would be great. Also, as I am q...more >>

Hello, I am doing the Security Audit of a .Net Application Developed on ASP.Net 1.1. The Developer has informed me that he has implemented RSA-SHA1 for the Authentication Module, The credentials of which are shown below. challenge=AbDwjDe34zzDBEzF5WdnzPuNTUY%3D&hidFlag=T&posx=79e5b ...more >>

Hi, I'm using vs2005 and .net 2.0. I currently prcoess each Security Log entry one by one to extract those that fit the selection criteria. Is there a function that I can use to query the entries with option of filtering for certain event id and/or time period in C#? -- Thanks....more >>