Modify the login control from code behind
Hello ! I have an web application that has a login control. We need to access this application from a wireless scanner (those scanners with touch screen - I will provide the model if needed, but this...
View ArticlePCI: Session-ID should no longer be in the url. How to treat user when...
we have an order-web-application without login. The session-data are stored in a cookie. When user have disabled cookies they will be redirected to the same application in a different folder where only...
View Articleany fix for Open redirection (DOM-based) issue on asp.net webresource.axd file?
When I scanned ASP.NET application using Burp Scanner Tool I got 'Open redirection (DOM-based)' issue in asp.net webresource.axd file. Please let me know if anyone experienced same issue, or if you...
View ArticleUsing [Authorize(Roles= with an AD security group
Hi,I'm putting in an authentication mechanism for my web app. If I use a specific user account then it's fine, however, if I try and use an AD security group then it prompts for authentication despite...
View ArticleASP.NET+OWIN redirect loop when talking to ADFS 3.0 (IE only)
I would like to test using an intranet ADFS server to log in to a cloud-based IIS server.I have setup a lab with:- one stand-alone ADFS 3.0 on W2K12, and one IIS 8.5 web server on W2K12.When I browse...
View ArticleGet Client Local system drive information from asp.net after hosting
hi.. i want to get the client local system drive information in asp.net after hosting the application. is it possible? need ur suggetsions with example Regards,Revathi
View ArticleUsing OpenIdConnect for Office365 authentication after being redirected to...
I have an Web Application that I am authenticating to the Azure AD for Office 365 integration. Authenticating against Office365 account seems to work just fine, however when I am redirected...
View ArticleDefault Web Sites does not show up
Hi Guys,Normally in IIS file tree you find the server name-->Sites the Default web sites where you can load your website or application but in my IIS 6.0 I only got server name then sites, Default...
View ArticleShould I encrypt data and/or should I verify it against the database?
Sup people! I really don't know how to google this, so here it goes:I'm currently encrypting somewhat sensitive data (Some products IDs which are available to all users) and putting it in the HTML...
View ArticleCreate user and send 'set password' email from another application
Hi,I have interesting design which needs to be implemented:1. There is mvc5 application (MainApp) where users can log in (want to use identity)2. Users have login/forgot password functionality. They...
View ArticleHttpClientCertificate: Automatically validated by IIS?
Hi,we plan to use client certificates to authenticate the users of our web application. Therefore we make the root certificate accessible on the web server and configure IIS (unfortunatelywestilluse...
View ArticleUsing multiple ASP Identity within MVC5
I've added admin area to an existing MVC5 project for managing content.The site is currently secured by custom ASP Identity Framework. Now I need to authenticate some user to access the admin area, the...
View ArticleASP.NET Identity with SQL Server
Can someone explain to me how I can work with ASP.NET Identity and SQL Server instead of the EF.I saw a lot of examples that says I need to create the SQL server db and then I will need to add a new...
View ArticleSharing session
Hi guysOn my IIS I have a application using membership with a custom password hasing alg (through membership I can get all users, but I can't verify one dispite of having correct password). Is there a...
View ArticleOwin MicrosoftAccount doesn't appear to SignOff
I'm using Owin authentication for users authenticating to a Microsoft account. When the user logs out, the security cookies do not seem to get removed or expired (not sure what Owin does under the...
View ArticleCREATE DATABASE permission denied in database 'master'
Hi, my situation is like this. Initally, all my web application and setup works. But due to some issue in my SQL Server which I can't solve, I created another instance database. But when I updated back...
View Articleconfigure membership provider for each role
Hi,How can I configure this situation?:I've got two membership roles: role1 and role2Each role should have its own membership provider<membership...
View ArticleASP.Net Membership provider without using database
Hi,I am working on a website that needs authentication/authorization, one thing special about this site, it does not store user/roles, instead it relies on other sites to authenticate users and...
View ArticleRetrieve user information in External Login
HiI implemented external login and I want to retrieve user information. For example in an Yahoo account I can use the code in last part of http://www.oauthforaspnet.com/providers/yahoo/ for this...
View ArticleUser ANONYMOUS is not allowed to receive the page
Hi,We have a Web Browser control in our application, dynamically url are used to browse pages in Web Browser.We have installed this application in two machines.In One machine its working fine.In second...
View Article