.NET Security

I have a windows control dll in my root folder and embedded it on a webpage which works fine. I then tried to make a reference to a COM object in the control which needs to run on the client machine.  I copied the dll for this object into the root ...

I have a client/server scenario where I need the client to impersonate a specific account, depending on rules established on the server.  Essentially this a call back event that happens occasionally where the server needs to temporarily elevate the clients permissions to do some work. I really dont ...

Hi I Have following program. When I run this program and try to encrypt the file using the "Encrypt" button, the file gets encrypted. But every time i do encrypt, I get a different output. As per my knowledge of the cryptography, every time I encrypt same data ...

Hi, My windows service application contains an IpcChannel which listens msg from client. If I install it with MyServiceProcessInstaller.Account="LocalSystem" or "LocalService", or "NetworkService". Then I got an exception "System.Runtime.Remoting.RemotingException: Failed to connect to an IPC ...

Hi, What is the most secure option for web service security that is also easily interoperable between .NET and java, or other technologies? Suppose you are developing a .NET WS, and plan to have many callers using many different technologies, which mechanism would you choose for ...

Hi, If CAS policy is setup to deny an assembly ANC the permission FileIOPermission, then if the assembly attempts to do File IO, the .NET FW assembly that handles file IO should catch it, right? It shouldn't be necesarry to put a check for FileIOPermission in the assembly ...

I'd like my application to encrypt certian secitons of the config file. I'd like to use the System.Configuration.SectionInformation.ProtectSection API. However, I'd like the application to be able to decrypt the file no matter what user is using it or what machine they are running on. So I can't use the ...

Hello all. I'm working on a project for a community college which allows the Alumni to update their contact information over the web. We would like to mail the Alumni a physical letter which has the link to the web form that collects the data. The Alumni then will enter in ...

Hello All. Can anybody describe me why this code: string assemblyPath = "myassembly.dll"; X509Certificate cert = X509Certificate.CreateFromSignedFile(assemblyPath); Evidence evidence = new Evidence(); evidence.AddHost(new Publisher(cert)); AssemblyName asmName = AssemblyName.GetAssemblyName ( assemblyPath ); Assembly asm1 = Assembly.Load(asmName); Assembly asm2 = Assembly.Load(asmName, evidence); ...

One of the constructors for a WindowsIdentity allows you to pass the UPN of a user and have an identity created for that user. If your permissions are setup correctly then the system is supposed to return you a delegatable ...

I am reading the Event Log from application , its working fine when connects to local coputers event log but giving the following message instead of the actual error message when connecting to remote server's event log ------------------------- "The description for Event ID in Source cannot be found. The local computer ...

We currently have an application running on .NET 1.1.  It hashes certain data using System.Security.Cryptography.SHA1Managed class.  It has worked out fine until we upgraded the app to .NET 2.0.  SHA1Managed in 2.0 hashes ...

Which certificate store does IIS look at when someone tries to send something through SSL to your website. Thanks, paul ...

I have a .Net app running on a Win2K3 server, with .Net framework 1.1.4322. On a separate Win2K3 server, were are running SQL 2000, with no service packs (don't tell me about it - its a customer requirement). ...

I have a machine that is running the 2.0 version of the .NET Framework. I have installed a VB .NET application (dll A) on this machine although instead of installing the files to my local drive I am installing them to a ...

Hi, I need to check the current principal's read-, write- and full control access to a given directory without using try-catch. Any suggestions will be highly appreciated. Best regards Birger Niss ...

Im developing a c# application and i want to access properties like the name of the person. example: DOMAIN\jsmith - I want to Access "John Smith" the same way Share Point does for the its users. Please help me. Thanks ...

I have a client/server application that uses TCP socket based communication, and right now I'm using my own ID/password scheme. Clients send an ID and password to the server, which authenticates them against a table in a local SQL database.  This requires users to keep ...

I have previosly developed some small apps in Visual Studio .NET 2003 and MS SQL server. Am now about to develop a secure webapp in .NET to be used on our intranet, and I'd appreciate some input. We are using Active Directory (AD), and MS SQL-server. I need some SSL ...