smtp sending email twice.
I am using .net membership functionality, The problem is on forget password page it send two emails to the user , any idea why?I am using Windows 2008 Server.Imports System.Net.Mail Partial Class...
View Articledisplaying message for unauthorize
I am writing to ask, how do I add in response (message) in the following code, when the user fails to authorize:Test API controller:[Authorize] public HttpResponseMessage GetRole(string username) { var...
View ArticleChecking if User Logged On To Allow Access to Controller (MVC using VB)
My application was created using MVC4 and Intranet Application scaffolding.The users register using the default Account Model/Controller scaffolding provided when the application was created....
View ArticleASP.NET MVC 5 / OWIN - Missing added claims
Hi,I'm using ASP.NET Identity 2.0 Beta 1. I have some problems with using my own custom claims (I don't think it is Beta specific).I added this code to SignInAsyn in...
View ArticleADMembership exception when trying to use SqlMembership and no connection to...
<div class="post-text" itemprop="description">I am using 2 membership providers, sql provider and Active directory providerI am switching between them in the run-time based on some logic, I check...
View ArticleOWIN Resource Server - [Authorize] Always Returns 401
I've been intently looking at this article: http://www.asp.net/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server.It seems that I got the authorization server to work because I'm able...
View ArticleBruteforce attack - Test Case
I am working on securing my application against bruteforce attack. We have decided to lock the account for 10 minutes on 3 consecutive invalid logins. Have got this test-case - For example - If a user...
View ArticleClik here to view.
ASP.NET sql injection example
Hello,I'm trying to create a little simple login that is vulnerable to SQL injections and then afterwards I want to secure it so I have a little demo that I can share in my class.So far I have created...
View ArticleModify Username length and allow special characters
I'm using Visual Studio 2013 VB.NET and Web Forms. I need to allow the username to be as short as three digits while also allowing an email address to be used as the username. I don't think this is...
View ArticleAny good tutorial to implement Identity without Entity Framework.
I am new to this and would love some tutorials on how to implement Identity without using EF.If I implement my own UserStore do I need Entity Framework?
View ArticleIs approved not working with Asp net membership with window authentication.
Hi,I have a system that initially used Forms Authentication to authenticate users. It used the default asp membership and roles provider to handle storing of users details (e.g. username in...
View ArticleIIDentity Groups of Roles?
Working with VS2013, asp.net forms authentication, C#.I have an asp.net app that was created with the idea that various pieces of the application would require specific rights to either display or...
View ArticleHow to retrieve a the salt from database without user knowing the salt.
So I have a ASP.NET v 4.0 Web Forms application connecting to MySQL Server v 5.2.47. It has a user creating an account. The user selects his username and password, my program creates a salt and then...
View ArticleAD authentication from browser both automatic and manual
I have an web site that can retrieve some data from active directory.I was able the user to enter their AD username and password to get the information.my current problem is that if the user computer...
View ArticleFolder Permission
Hello TeamAs we have a dedicated server and deployed our web sites to that server. We have a folder name called "Documents" and the sites images appering from here only. We have security issues on our...
View Articlecan't get "setAuthCookie" to persist a cookie
I have a login control with a checkbox called "rememberMe". In the Login1.LoggedIn event, it checks the value of this checkbox, and if its true, it does the following: currentuser =...
View ArticleOWIN and Authorization Code Grant Flow - Always Bad Request (Invalid Grant)
I've set up the following in Startup.Auth.cs: public partial class Startup { public void ConfigureAuth(IAppBuilder app) { // Enable the Application Sign In Cookie. app.UseCookieAuthentication(new...
View ArticleCan't connect to provider in Web admin tools
About an hour ago I stopped being able to connect to my db provider in web admin tools, and I didnt change anything, anywhere. I am trying to connect to a local server so there is no connection string...
View Articleencrypt connectionStrings on hosted web site
hello,i am trying to find a "how to" or tutorial of how to encrypt the connectionStrings. i have a local development environment (vs2013, sql2012) on the same machine. i am using xdt:Transforms and...
View ArticleCreating Login with Token
Hi,I am wondering if anyone could point me in the correct direction of tutorials on how to create something like the following:I have a simple logon screen, Username Password capure.I have created a...
View Article