IIS
Hi I am getting the following error after publishing my code . It works fine in a development server and is also working fine in my local machine but it is throwing the following error in production...
View ArticleThe HTTP request is unauthorized with client authentication scheme...
Hi everybody, please help me with this problem.I've accessing a SOAP webservice in Java with Basic Authentication. This is my code:SecureScannedOrderTrackingService.orderTrkg t = new...
View Articleasp misconfiguration scanner
Hello,Can you recomend me any security misconfiguration scanner for web applications? I want to test websites for insecure use of compilation, forms, trace etc. tags. Something like acunetix,...
View Articlemanaged IIS7module +.Net 4.0 integrated pipeline + Medium Trust Level +GAC
I'm developing a managed module for IIS7. Assembly with my code is placed in GAC and worked fine within 2.0 pipeline... But with .NET 4.0 pipeline (and Medium Trust Level chosen) there are no...
View ArticleSecurity Issuse
Hi,Iam sorry if iam asking a silly topic.i have a website where users can login. iam storing values in Session cookies. when users click logout the cookie expires. but on clicking browser back button...
View ArticleWhat am i missing that my user account cant upload a document to a virtual...
So we have been working on a intranet site for our office and because we have 2 network shares where all our documents and projects exist, im trying to allow users to upload only pdf files to the...
View ArticleUser Password Recovery in OWIN Example
What is the best way for a user to recover a forgotton password with OWIN?
View ArticleLogon failure: unknown user name or bad password
Hi All,When i try to upload file into network computer i am getting "Logon failure: unknown user name or bad password". error message.I have set Impersonate=true in web.config but did not work for...
View ArticleCustomizing a Trust Level in IIS 7.0
Hi folks;We have a problem. We have a web site with a number of web applications residing under it. Each of these web applications make use of a customize configuration file which was called...
View ArticleOnly allow login from specified network
My situation is i have a website hosted in data center (not in my office), so anyone who know my url will be able to view my website althought require login only can access it. My office have 2...
View ArticleQuestion about sanitizing w/ AntiXss
Where is the best place to sanitize? I was thinking about doing the following but someone may have a better ideapublic class myObject { [Required] public string SomeTextField {get; set;} public string...
View Articleprofile's properties not in .config
Hello,In my work, I have a code who uses ASP.NET identification and I need to add a property for a profile. The site already has some user's properties defined but there aren't in the web. config, do...
View ArticleAuthorization and Authentication
Hello, We are looking for some ideas to authorize and authenticate internal and extrenal users in our organization.Right now we have a common database which stores the roles and responsibilities for...
View ArticleInvalid token during email confirmation using ASP.NET identity
I try the new ASP.NET identity. I have some more complex scenario than in examples. I create an user account without setting password and send the confirmation email. During the conformation user is...
View ArticleLogin failed for user 'NT AUTHORITY\ANONYMOUS LOGON'
hi teami have this issues, i have 2 machines Machine A has SQL server 2008 express Machine B has IIS 7 with windows 7 32 biti have a web page that search the log information from tables from Machine...
View ArticleSQLMembership to Identity 2.0 - old encrypted passwords
I've migrated a SQLMembership database into an Identity 2.0 database.My old database used encrypted passwords. My identity 2.0 implemenation will use hashed password.My SQL script inserted into the new...
View Articleconnecting to remote site with API using Windows authentication passively
hi guys as topic says im in need with a project to find a way to connect to a remote server likehttp://cdn.col.dk/getdata.asmxbut it gives a windows authentication login box but i need to do this with...
View Articleyahoo contacts fetch using asp net and c#
I am facing the problem in content fetching form yahoo. Previously this code is working fine for me. Now I am getting this error.The remote server returned an error: (401)Unauthorized.I am using this...
View ArticleAdding Windows Role Manager broke my ReportViewer?
I just enabled the Windows Token Role Manager on an internal ASP Forms web application, and it's working fine, except it seems to have broken a ReportViewer control. The only authorization I have in...
View ArticleDifference between Integrated Windows Authentication and Windows Digest...
I am working on ASP.NET web application and need to implement authentication using Active Directory domain accounts.From what I understand there are 2 possible options:Integrated Windows Authentication...
View Article