Advice on security implementation
Dear Active users,I am about to create a MVC application which will be communicating with different web services and web api's. Each time a request goes to any web services I want verify whether the...
View ArticleI cannot seem to get authorization to work with windows authentication.
I have an asp.net mvc application that I have created with VS 2013 express. I have deployed the application in IIS using windows authentication on a windows domain. I have tried using the...
View ArticleApplicationOAuthProvider integrated with ASP.Net membership
I have an extensive Web site written using MVC 4 and using ASP.Net membership for authentication (aspnet_Membership, aspnet_Users tables etc.).I want to add on a gateway for mobile apps that use OAuth...
View Article"Query string too long" error when Windows Authentication Enabled
I am seeing the following error after I changed the authentication settings to my MVC5 Application (in VS 2013):HTTP Error 404.15 - Not FoundThe request filtering module is configured to deny a request...
View ArticleMVC5 - EF6 - SQL server - WindowsAuthentication - works in studio debug, but...
I followed all the following MVC/EF tutorials:https://www.asp.net/mvc/overview/getting-started/introduction/getting-startedGetting Started with Entity Framework 6 Code First using MVC 5Getting Started...
View Articleanyone know how to report markup bug to Microsoft Security?
sorry if this is the wrong forum ... i tried tweeting @msftsecurity but so far that's being ignored.issue: i wanted to file a report* here: https://cert.microsoft.com/report.aspx but they only allow...
View Articleidentity 2.0 some users can't log in, some can.
Elmah logs show the exception "patient was null, BUT TRIED SIGNING IN NOW 0".So if my users are signing in successfully, which they must be because they are hitting the profile page, then why do some...
View ArticleHow to Enable Web Applications Running as ApplicationPoolIdentity to Read...
We have web applications running on IIS 7.5, and their application pool's identity is ApplicationPoolIdentity.We want to enable them to read performance counters.Unfortunately, we cannot add their...
View ArticleThe specified LINQ expression contains references to queries that are...
Hi Guys i am getting below errorThe specified LINQ expression contains references to queries that are associated with different contexts. UserManager manager = new UserManager(); RoleManager...
View ArticleOWIN Resource Server - [Authorize] Always Returns 401
I've been intently looking at this article: http://www.asp.net/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server.It seems that I got the authorization server to work because I'm able...
View ArticleWhat are the available options to define inside attributeMapUsername other...
I am working on an asp.net mvc web application, and I want to know the available approaches I can use to authenticate users against our Active directory ldap server.I use Asp.net form authentication....
View ArticleNewly Created Users Cannot Login
Hello all, can someone please help me out? I am building an ASP.NET VB.NET Website using VS 2013, I've created an user account for testing and that one works well no problems, I can login and browse...
View ArticleClik here to view.
Authorization rule is not working for images
Following is my folder structure.I need to apply authorization rules for all files under secret folder (including Bear.bmp).Following is my updated Web.config after adding the handler mapping. The...
View ArticleWhat options are available for Authentication and Authorization without OWIN?
Hello!I was considering to use Identity 2.0 to authenticate users in a new application I'm creating.However, I cannot use OWIN. The template from Visual Studio uses a lot of classes from the OWIN class...
View ArticleContent security policy
Hi,Our Security consultant advised us setting content- security-policy for each data sending to client.I read some links about httpheader , but I don't know where in my code I should use this setting...
View ArticleJson post request ( secure) error
Hi i want to make a Json Post request in .net it must be secure i havce the .cer file , .pem file .pfx file the private key i wrote some code to that but the server on the other side say the request is...
View ArticleSSO and sharing user data across websites
SSO and sharing user data across websitesHiI have two websites www.site1.com and www.site2.com. I want to implement SSO but I wondered how can I share user data across this two websites? User could...
View Articlehow to link a user account to your custom model class
hello frnds,having been working on a little project of mine as a new learner of the asp.net mvcc framework.. am having a little difficult. so here my scenario..I am creating an online Admission System...
View ArticleSSO/Security Federation for Asp.net & Jsp sites
Hi TeamI have a below given scenario to address.I need to basically implement SSO for two web application one is written using asp.net & other one is in jsp. Both these applications are hosted on...
View Articleidentity impersonation with asp.net
my pages have an editing function to modify the records in the table of a db using a user login. So the field can show who modified the record. The login uses windows authentication. I searched from...
View Article