System.Web.HttpContext.Current.User.Identity.IsAuthenticated
we are using System.Web.HttpContext.Current.User.Identity.IsAuthenticated to authenticate the user to access few pages from our website. We hosted the website on Virtual machine. It is unable to...
View ArticleAcces local client certificate store
Hi All,I had a problem that,When i tried to use and access certificate which is available in local machine it is giving the results from the server machine not from the client machine.So how to...
View ArticleMembership Not Working When Put Live As Subdomain of Site
Hi, I created a site that uses membership for certain functionality. It works fine locally. But when I put it as a subdomain it is not working correctly. I think it has to be something to do with the...
View ArticleWhen persisting simplemembership login cookie any internet application is...
Using VS2010 I created an MVC4 web application that uses simplemembership for forms authentication. On the log in form is a Remember Me check box which when ticked persists the authentication cookie...
View ArticleFile not saving after Impersonation.
Hello,I am saving the uploaded file in the below location. AttachmentName = Guid.NewGuid.ToString() SavePath = "Z:\NAUUploadedFiles\" + AttachmentName fuAttachments.SaveAs(SavePath)After publishing my...
View ArticleOwin OAuth2 External Authentification
Hello,I have the following setup: a mvc project for the frontend and a project webapi withOAuth Authorization Server using OWIN OAuth middleware.I followed the same scenario presented in this...
View ArticleUnsupported transform or canonicalization algorithm
Hello -I am working on an interoperability issue concerning validation of digital signature on a referenced SAML assertion in a SOAP message produced by a Java framework and consumed by a .NET...
View ArticleHow to maintain Session in Load Balancer (SQLSERVER session state)
I implemented SQLSERVER session state for Load Balancer. Everything is ok now.But the only problem im facing is Connection string getting null sometimes. I tried to change my Sqlserver session...
View ArticleLogging in external page
Hello, I'm logging and redirecting a user to an external page using this procedure:<form action="http://www.outlook.com" method="post" name="form" id="form"><input type="text" name="username"...
View ArticleCheck if User belongs to NT Workgroup
I have an ASP.net Webforms site and need to check if logged on user belongs to AD Group. I have set up Windows Authentication and this the code in web.config file.<system.web><compilation...
View ArticleXSS issue
Why is this label open to XSS and what should I add to fix the issue.lbl_applicantName.Text = Helper.ConvertStringToTitleCase(applicantName);public static string ConvertStringToTitleCase(string value)...
View ArticleTimeout with the new Identity Framework
I am using the new 4.5 Identity Framework and I have set<authentication mode="Forms"><forms loginUrl="~/Account/Login.aspx" timeout="1" defaultUrl="~/" cookieless="UseCookies"...
View ArticleIs storing SMTP details in Session object (IP, username, password) secure?
Hi.I've written a tool for multiple companies to use. Rather than it send emails from my SMTP server (support@mydomain.com) I want to let them use their own SMTP server (support@theirdomain.com) to...
View Article2014-01-16 Nightly Build blew away UserManager.PasswordResetTokens,...
One speck of documentation would go a long way. A short sample of how to implement password reset validation and user confirmation would be greatly appreciated.The following code worked until this...
View ArticleSimple login and role managment
Hi I have a webapp. Before you can do anything on the site you have to login. One database pr. user, so when you login it looks up the connection string, and you are redirected. So its not like some...
View ArticleASP.NET Identity 2.x - Issue with google authentication
I am having an issue with the Google OAuth middleware.Context: VS2013 Update 2, created brand new ASP.NET Web Project using MVC with Individual accounts.This brought in the following versions of the...
View ArticleAre files with invalid extensions a security risk?
I am busy coding a AJAX file uploader that only excepts valid jpeg images. Obviously I check that the file extension is jpeg or jpg. I realize though that it is possible to disguise an executable or...
View ArticleUsers must authenticate multiple times.
On the project I'm working on, when a user logs-out they're redirected to the login page. If the users tries to login again from that point - they submit and I've verified that they have successfully...
View ArticleWindows and Forms Authentication on same MVC site
HiDoes anyone have a real/complete answer to this problem?? It seems lots of people say it's possible, but I have still to find a posting which shows all the details needed to make it work....I would...
View ArticleHow to use Asp.net Identity 2.0 with the existing simple security data table?
Hi,We have many applications used the simple flat table (only two columns: user ID and Password). Now, we want to develop a new system apply token based authentication...
View Article