Creating own membership
hi, friends,I want to create my own membership methods,what I mean is, I want to develop,user Registration,user Login,user ChangePassworduser Rolesuser LogoutPasswords must b encrypted in DB.instead of...
View ArticleIssue in Authentication using AD Group
Hi All,I am facing a strange issue in Authentication using an AD group.We have configured Active Directory group Authentication on one of our portal such that, users only in a particular AD group...
View ArticleASP.NET Identity Create new User Errors
HiIs there a way to identify the errors while trying to create a user with ASP.NET Identity in order to respond. For example, I have the following codeIdentityResult result = manager.Create(user,...
View Articlepassword format--)
I created change password page i want the password to be hashed not encrypted for more secure websitewhich algorithm format i should use ?I prefer AES but does asp.net developed it ?or only limited...
View ArticleBasic authentication on IIS 6.0 vs IIS 7.5
Earlier we had Windows 2003R2 server/IIS 6.0 configuration and VS 2005 We now moved to Windows 20008R2 server/IIS 7.5 configuration and VS 2012 External agencies send HTTP POST to a webpage which has...
View Articlehow to find online users on my website?
i have generated a database with aspnet_regsql.EXE and i was wonder if there is anyway to find out which user are online at the moment in my website? one of the way which accrued to me was checking the...
View ArticleClik here to view.
.ASPXAUTH cookie value is null when the page gets loaded can't able to...
hiin forms authentication i'm securing a cookie while logging in, but the form does n't get authenticated after entering the user credentialsi'm securing the cookie at global.ascx.csPlease help me out...
View ArticleServer cannot append header after HTTP headers have been sent.
hi.i have a web forms app (deployed to azure) that was created using vs 2013 update 2. i have also injected elmah into the app. now it seems something is wrong with the way authentification works:...
View ArticleASP.Net Identity using a custom auth provider
I am currently developing an ASP.Net MVC web application that requires username and password authentication. I started looking into using ASP.Net Identity for this however I have a very important...
View ArticleHow can i end a session in Windows Authentication
Dear, i am trying to solve this problem for many days now but still not able to solve this, i am using windows authentication in the project and now my requirement is that i have to do session timeout...
View ArticleSSO with sub domains in mvc5
Hi, I have few .net 4 web form apps configured to use same machine key etc. to enable sso. Now I have a new mvc5 app and I need it recognize the users who are already logged into other apps. Mvc5 has...
View ArticleWCF Method level Security
Hello All, Am working on WCF. What i need is for Client A i need to show only add() method and for Client B i need to show both the methods.interface IService{int add();int sub();}For this i...
View ArticleMultitenant Application set connection string
HiI am creating a multitenant application that will store the users data either in separate databases or a single database using a TenantId to query data.I have got as far as the user being able to...
View ArticleQuestion Resources available to unauthorized users MVC attack
My IA department has run a security can on our MVC application and the following error was displayed: Resource Information in code can easily advertise vulnerabilities to unauthorized users. By placing...
View ArticleInformation disclosure vulnerabilities are leaks of information from an...
My IA department has run a security can on our MVC application and the following error was displayed: Information disclosure vulnerabilities are leaks of information from an application which are used...
View ArticleAsp.NET - Unable to login via Facebook (error message: object reference not...
Hi All, I am trying hard to allow authentication via Facebook by using the Visual Studio 2013 template (New Website > Web Forms Asp.NET). The good thing of this template is that it gives you all the...
View ArticlePassword transmitted in clear text or with an unapproved format MVC IA finding
My IA department has run a security can on our MVC application and the following error was displayed: Password transmitted in clear text or with an unapproved format are vulnerable to network protocol...
View Articleverification code can't be remembered after browser close even if "remember...
I'm trying asp.net identity 2.0.with "remember in browser" checked in verification code page, click "Veirfy" with correct code, I can log in.and before closing the browser, re-login doesn't ask for...
View ArticleNee to prepare for Audit trails for my web application
Hi all,I have developed a web application. I need to prepare for audit trails here.The following operations I have to develop.===>Logging of Authentication Process. Success and failed...
View ArticleGET AND POST are interchangeable
Hi,My web application runs on IIS7 and Windows Server 2008. Right now, we are facing an issue where the application was found to accept parameters using the GET and POST HTTP Methods interchangeably....
View Article