How to make a website embedable irrespective of the xframe options set to...
We have a videos website much like Youtube. Our site allows other users to view videos and also embed our videos in their sites using the , again much like youtube. The site owner has asked to change...
View ArticleRegarding identity and auth data store in client side
1) as we know form auth store data in cookie at client side. so the identity also store auth info in cookie ?2) need a sample example just to know what kind of data identity system store in client side...
View ArticleHow to set unique content-security-policy response header for each page
We have a videos website much like Youtube. Our site allows other users to embed our videos in their sites using the iframe , again much like youtube. When our website is framed i.e when it is run in...
View ArticleWhat is Basic and Digest authentication
1) i need good brief about Basic and Digest authentication. i like to know what it is and how they work ?2) what is difference between form authentication and Basic and Digest authentication ?3) some...
View ArticleWhy is there an IdentityUserRole class in the ASP.NET Identity Framework
Of course, the IdentityUserRole class in the ASP.NET Identity Framework is used to map roles to an user since there is a many-to-many relationship. But I do not grasp why this mapping is done...
View ArticleWhat would be the best authentication/authorization approach?
Hello,I'm new to asp.net and I have trouble choosing the right security for web app. Our company have large database and a lot of processes that we want to integrate into this web application. We would...
View ArticleAsp.Net 5 RC1 (Looking to Implement a User Role UI)
I am using the latest template available from GitHub. (AspNet_5)(AspNetIdentity_3)(Mvc_6)(EntityFramework_7)I started out with a StarterSite with Individual User Accounts.I am looking to set up an User...
View ArticleImplement logout in Forms Authentication
Hi All, Maybe I just didn't see it but there seems to be no article/sample about implementing logout function in Forms Authentication, would someone please point a sample to me? Or anyone could...
View ArticleMove asp.net identity database connect string?
Is it possible to move the database connection string that asp.net identity uses, from web application project to another project (DAL)?My employer is nervous about keeping it in the website for...
View ArticleHow do you handle folder write permissions at the individual user account level?
I know every web request is executed on a remote client's behalf though IIS with an application pool identity. So that the application pool identity needs write permission to a top level folder in...
View ArticleAuthentication cookie exists but still not authenticated
Hello everyone, I have an issue with form authentication. I want to create remember me functionality. Things seems to work fine cause I can see that the ASPXAUTH cookie is created and the expiry date...
View ArticleWeb Site Administration Tool & VB.NET and VS2015
Hi .net security experts, I previously used the Web Site Administration Tool. Migrated to VS2015 and it isnt there anymore. This post...
View ArticleLogin failed for user 'domain\user' - Windows Connection to SQL Server via...
<div class="post-text" itemprop="text">I had the following ConnectionString in my web.config:<add key="ConnectionStringSupport" value="server=[server];database= [database];User...
View ArticleLogin fail for user "IIS APPPOOL\DefaultAppPool'
I have a SQL Server Database coded as the SQLDataSource control in my VS2010 ASP.NET website. Exactly what does the error message mean? What do I need to do in IIS Web server manager to solve the...
View ArticleClik here to view.
Adding Member Login to Existing Website
I have a few days to implement a login system for our existing website.The existing website is built on ASP.NET using the .Net Framework 4.6.I have added Forms Authentication. I can't seem to get the...
View ArticleSeparating ASP.NET Identity Framework from Domain Model.
It seems to be a common practice to have the domain model for a web/client application in a separate class library. This enables me to provide both, a client application (WPF / WinForms) and a web...
View ArticleAllow Users to Manage their profile information
There are plenty of tutorials regarding Identity 2.0, lots of customization, etc.I find it strange that there are no tutorials on how to allow users to manage their own profile information after...
View ArticleOAuth 2 refresh token invalid_grant
Hello,I am attempting to implement refresh tokens but my refresh request always ends up as HTTP 400 invalid_grant. This is a webapi project using OWIN and OAUTH2.Any ideas what might be the cause?///...
View ArticleFacebook access token does not persist in cookies
In my application I want to store the users Facebook access token in their cookies and not server side (since the access token will expire later).startup.auth:var fbOptions = new...
View ArticleWe want to integrate ADFS and Non ADFS authentication in MVC 4 application.
Hi Dear,We have already implemented ADFS configuration in one of my MVC 4 application and working fine, but know we are in situation where we need to implement NON ADFS authentication in...
View Article