https redirect to http
if i try accessing my site via https:// i would like it to redirect to the http address.i presume this is not the default behaviour of websites (assuming not running under SSL?)my (DEV) site redirects...
View Articleshow domain user name on each page
the intranet web site has many pages, each page shows user name on top by the followinglabel.text = Mid(User.Identity.Name.ToString, 6)I wonder it is proper way to do it as it also make query to AD...
View Articlei want to convert AspNetUsers table passwords from Hashed format to plain text
i want to retrieve AspNetUsers table passwords in plain text 1- i have a table i show in the table Users information i use asp.net identity and mvc 5 2- the problem is when i show the password of...
View ArticleHow HMAC authentication works for web api
just was reading a article on web API with HMAC authentication from this url http://www.piotrwalat.net/hmac-authentication-in-asp-net-web-api/if possible some one briefly discuss what is HMAC...
View ArticleTwo Factor Code reuse (2FA), can it be invalidated after first use?
Would it be possible to invalidate the 2FA code after it's first use? There is a note in the documentation about how the code is valid for 6 mins, but we want it to invalidate it after they use the...
View ArticleHow to protect my web api against reply attack
i read few articles like how to secure web api. they are saying client and server will share some secret key . client will create a has value of secret key and send it to web api always when calling...
View ArticleWebResource.axd WebForm_DoCallback Open-Redirect vulnerability
Hi all,Recently, I have received a report from a pentest tool that raised a vulnerability with DOM-based open redirection in this code block. This code block is resided inWebResource.axd, from the...
View ArticleAbout membership to identity
Hi, I have a old web app which use membership to manage my users and roles, now in this forum , I know a new product identity, could I merge membership to identity? Thanks.
View ArticleWhat is the usage of Generic Principal in asp.net
i have seen people set Generic Principal after form authentication. just see one example code taken from...
View ArticleHow to cope with membership logging out while user is napping?
Suppose one of my website pages has a video. The page itself is in a folder with a web.config that says only a few select users can use the pages in that folder. The user watches the video, then takes...
View ArticleThe ConnectionString property has not been initialized,...
Since FormsAuthentication.Authenticate() is deprecated, i'm trying to use Membership.ValidateUser(), and i have on my web.config the username and password. When i try to login, i get an error:The...
View ArticleASP.Net Identity and client certficates
Hi,I'm looking for some guidance on whether this is possible, and if so any articles/blogs that may help get this going.I have a portal that I wrote several months ago. All users have to log in using...
View ArticleHow to send an authenticated E-Mail?
Hello,I want to send authenticated emails from within my web application to prevent them to be delivered into the recipient's "Junk" folders.I tried this code: private static void...
View ArticleHow to Access MVC WebGrid coulmns in Controller
I used WebGrid in my project and now I need to do some calculation on the WebGrid. my question is how to access the WebGrid fields in the controller ?? thanks
View Articleasp roles not working
Hello,I'm using vs2010 I'm having an issue, I have created an event for the login clicked on the asp.net login. I'm trying to use if (user.isinrole("Sales")) Response.Redirect to a specific folder...
View ArticleFormAuthentication Encryption issues
I have 3 applications that have a single sign on functionality by having the same machine key settings. They are asp.net webforms application using Forms authenticaiton. The SSO works as expected for 2...
View ArticleUserManager.AddToRole() exception: UserId not found
I am using ASP.Net with VB in Framework 4.5.2 for a Web Forms project with ASP.Net Identity. I have a SQL database setup to store my Identity information and have successfully pointed my DbContext to...
View ArticleGeneral Advice / Membership identity Provder - SSO Question
I have websites hosted on several domains, they all share the same folder in IIS - just many host header entries in IIS.I have decided to outsource this bit of work, as I want to get it 100% safe and...
View ArticleSAML – Security Assertion Markup Language
Hi To All Of You, Can any one tell how to full fill this requirement in webapi.we need to implement SAML in our web api project.This is the senario and terms give the best example for it...
View ArticleRedirect user to login page web.config
My project is setup aswww.mysite.com/company/manager/myusersThe project structure is pretty much the same. I would like to restrict the manager folder so they have to be logged in. For that reason i...
View Article
