Authorization - MySql
Hi all,I'm writing my web application and I have already done the part about authentication (I'm using Simple Membership Provider and MySql as DB). The code is like...
View ArticleDigest Authentication throws 401 intermittently during load test
I am calling an Internal Web API with digest authentication from a custom windows client load testing application (please find the code snippet of the client application below). I do 100 concurrent...
View ArticleDisable the asking user Credentials
In my application i enabled windows and impersonate authentications. If i run my application then it is prompting for windows login credentials, Once i entered windows login credentials visited my...
View ArticleClik here to view.
how to build membership in visual 2015
helloi`m using visual 2015 for my asp.net website. my database is in the app Data folder in the project. i trying to use membership but it cannot connect to data base. i did this steps:1- first this...
View ArticleIs there anyway to Encrypt and Decrypt data without the new of storing the IV...
Hi, I am a beginner to ASP.Net and I task to do a project assign by my school that requires me to code a strong encryption system such as AES. However, my supervisor does not allow me to store the key...
View ArticleAre my codes prone to open redirect attacks?
Hi, I would like to know if this set of codes is prone to open redirect attacks or not as I am task to solve the security issues of the application.if (e.CommandName == "edit") {...
View ArticleHow to prevent access to production database
In order to resolve issues, my IT developer team can debug asp.net app with a connection string to production database, What measures can we implement to avoid unintentionally change data.
View ArticleSecuring Micro Services Architecture internally
I am implementing a solution with set of Micro Services (Web API 2 Rest Services) with Rabbit MQ as the message broker. The Edge server is Authenticated using OAuth based Identity server. Internal...
View ArticleWeb API + Web Appliaction vs Authentication :)
Hi. I created two new project:- ASP.NET Web API 2 use authentication: individual user accounts- ASP.NET MVC appliaction use authentication: individual user accountsI configurate IIS. I can registration...
View ArticleDeactivate the used verification code in Two-factor authentication process.
Hi,I am doing Two-factor authentication using SMS and email with ASP.NET Identity 2.0 and Owin, I am able to login my application with already used verification code, Please advice me how to...
View Articlemvc set and get id and name in FormsAuthentication
how can i set and get id and name in FormsAuthentication here only i set namevar user = db.usertable.Where(x => x.UserName == L.UserName && x.password == L.password).FirstOrDefault(); if...
View ArticleCreate a Simple Email Form with ASP.NET Identity
I am trying to update my old email code to use ASP.NET Identity because when I try to send a message using the code, I get a message saying:An attempt was made to access a socket in a way forbidden by...
View Articleodd problem with membership when it expires - callbacks freeze the page.
I've using the regular membership (forms authentication) security where a web.config file associated with a folder says who can access the pages in that folder.Suppose the user is viewing a page in the...
View ArticleSTS Preload list
Hi,What is a Strict Transport Security preload list? Do all, or at least major web browsers, support a preload list? What are the pros and cons?Appreciate any explanation.
View ArticleSite redirects to Login page no matter what, ignoring web.config (using...
Hi,I recreated an existing site in ASP.NET and I'm having problems with the new iteration. No matter what I do, it redirects to the login page. Even putting in an exception in a web config on both...
View ArticleProfiles
Hi, I've added the following code to my web.config file:<profile enabled="true"><providers><clear /><add name="AspNetSqlProfileProvider"...
View ArticleCan't debug web app in VS 2015 after HSTS
Hi,I implemented an HSTS (HTTP Strict Transfer Security) in our web server 2008 R2 host to comply with our IT requirements.However, after doing that, I can't debug my MVC web apps running in the...
View ArticleAsp.net Web Form LoginStaus with Identity
I create a new web form application in vS2015, The template site default use Identity. and the login.aspx is placed in Account folder.I put a Asp.Net control: LoginStatus on default.aspx, when I login...
View ArticleLogin page and password hash
Hi,I'm using the following codebehind file to register a new user:Imports Microsoft.AspNet.Identity Imports Microsoft.AspNet.Identity.EntityFramework Imports System Imports System.Linq Namespace...
View ArticleSecuring ASP.Net MVC Web App from SSLStrip attack
BackgroundI am developing a Web application using ASP.Net MVC. I deployed the application in IIS(V8) and now doing the Web app hardening process. I configured the SSL in IIS and the Web app is...
View Article