Prompt user for username/password with windows authentication for a request...
Hello, Is there a way to perform a get request for a ressource on a different server needing windows authentication and having the user automaticly being prompted for his credentials WebClient c =...
View ArticleChecking if User Logged On To Allow Access to Controller (MVC using VB)
My application was created using MVC4 and Intranet Application scaffolding.The users register using the default Account Model/Controller scaffolding provided when the application was created....
View ArticleHow to avoid opening (decompile) the asp.net project dll files?
HiI want to avoid opening or decomiling my asp.net project dll files. If this files are decompiled my programs security is in danger.Have you a solution for my problem?Thanks.
View ArticleASP.Net Config and GoDaddy Problem
Hi, I used the ASP.Net Configuration under the Project menu in Visual Studio Pro 2010. The security works as desired on my local. For example, I have a folder in my project called Secured that deny...
View Articlehow authenticate iframe?
Dear all, I am using iframe within classic asp web page and iframe calls aspx webpages. I would like to enquirer, how can I authenticate the iframe url, from being hacked inside the classic asp...
View ArticleASP.NET Identity 'Account Security' Design Question
Hi,I am developing an MVC application and would like some advise on how i could use ASP.NET Identity to implement my sequrity requirements.In my database i have Users but i also have the concept of...
View ArticleTrying to create a Oauth type authentication
Hi all,I'm trying to create a Oauth type of authentication application. I have a simple SQL database with a table with columns like uID, uName, uPassword(encrypted) etc. I have a basic interface which...
View ArticleASP.NET Kerberos
We've managed to setup Kerberos for an ASP.NET 4.0 website using the following:Web Server (IIS 7) Database server (SQL Server 2008 R2) Domain account used for delegation (http and mssqlsvc) While this...
View ArticleHow to verify hash password with db.password?
Dear all, I am trying verify the createdpasswordHash with u.username. Do i need to create a new method for this or can I just amend the exsiting 'validate' method. private static string CreateSalt()...
View ArticleWant to add Windows Authenication to a subset of pages in an Anonymous...
We have a public web app set in IIS for Anonymous Authenication, works great.We have a 'mini site' within the app, a few pages within the same folder that require authenication.Right now we are having...
View ArticleUse authorization element to prevent cookie flow
I have several CSS / JS folders for which I don't require authenticated access. Specifically, I don't want the session cookie flowing for requests to these resources since it a fair sized cookie.Is...
View ArticleProtect web solution file
Sorry if I'm writing on a wrong forum.My requirement is to protect my web solutions and project files from editing.That means anyone can open and see the code but those should not be able to build the...
View ArticleIssue with ASP.NET SPA template when hosted on IIS
Hi,I am trying to host the ASP.NET SPA template that ships with VS 2013 on IIS. I enabled Google authentication for the Web API. When I run the site from IIS and choose to login using Google, it is...
View ArticlePOST request getting converted into GET
javascript is used to submit the form and method type is POSTdocument.forms[0].method = 'post';document.forms[0].submit();In some cases; the request is getting converted to GET. The occurrence is like...
View ArticleCreate New Cert for STS. (Need to extend Validity period)
I have an STS and a .NET application. Currently, everything is running smoothly as normal. I noticed that the default STS Cert created only have a 1 year validity period. I was wondering if anybody...
View Articleintegrated security in an intranet Asp.net page
I would like to connect to SQL Server with integrated Security in an intranet Asp.net page. <system.web> <authentication mode="Windows"/> <authorization> <deny...
View ArticleASP.NET 2.0 Custom Membership Provider Breaks After Deployment to IIS 7.5
ASP.NET 2.0 Custom Membership Provider Breaks After Deployment to IIS 7.5I am developing a www site on a Win7 64, using VS2008 and a SQL2008 Server. It has a custom membership provider, which when I...
View Article401 unauthorized while accessing a Secured site from ASP.NET 1.1 Site
I am trying to access a https site (Java application) from ASP.NET 1.1 application. I am getting 401 unauthorized error while accessing this site.The Server from which I am trying to access this...
View ArticleASP.NET Membership in VS2012 DB Connect to SQL Server 2012
**** Figured it Out ****I used the ASP.NET Configuration tool to set up my asp.net membership (4.0) in VS2012. I restored the generated aspnetdb.mdf to a new database in my SQL Server 2012 and...
View ArticleOWIN and Authorization Code Grant Flow - Always Bad Request (Invalid Grant)
I've set up the following in Startup.Auth.cs: public partial class Startup { public void ConfigureAuth(IAppBuilder app) { // Enable the Application Sign In Cookie. app.UseCookieAuthentication(new...
View Article