.NET Security

I am designing a document store. I want user to login and then be able to download files presented to them in the form of a list of links. Obviously I don't want nonlogged user to be able to see the files over http. I have ...

be more precise --- Dominick Baier - DevelopMentor [link]    nntp://news.microsoft.com/microsoft.public.dotnet.security/<bbrantly.1lm***@mail.mcse.ms> What excatly did you have to do? I have webserver A ...

I'm trying to instantiate an RSACryptoServiceProvider in a web service, which works fine on my local machine.  But when I move the web service out to my production server, it blows up with the following error: System.Security.Cryptography.CryptographicException: CryptoAPI cryptographic ...

Hi, We distribute data updates to our dotnet client apps in form of Access files. We want to protect the content of these files from unauthorized readers but we cannot figure how to do this... Our thoughts are: 1) Access database passwords can easily be broken and are therefore ...

Hi, When I register a ServicedComponent to COM+ either dynamically or manually, I have this error: Failed to register assembly. 2: Access to the registry key HKEY_CLASSES_ROOT\Component Categories\{62C8FE65-4EBB-45e7-B440-6E39B2CDBF29} is denied. Then I found this article: ...

I have a general question where is the best practice to store and how to pass in the key for symmetric encryption to an app.   I have created a helper dll to aid with the encrypting\decrypting sensitive scripts that we have.  How should I interact with this DLL by ...

I am trying to use a WIN32 waitable timer to wake up a standby system at certain delayed time. The WIN32 code is working as expected, but .NET version using DllImport to WIN32 APIs does not generate the expected timer callback, and the waking up ...

[I originally posted this on the aspnet.security newsgroup but it really should be here] I have a problem with using LogonUser() and getting my code to see a network resource. The original application was an ASP.NET page that uses ...

My application architecture involves 3 layers. The 1st layer is the IIS Web Server, which has .Net components. When a file is uploaded the contents of the file are extracted in bytes and stored in the Database Server via .Net components in the application server. ...

We are trying to create a system where our users will navigate to a web page, and this web page will reference a Windows User Control which is then downloaded and run on the users machine. The User Control is referenced on the web page in the following way ...

I am attempting to construct a custom implementation of IMembershipCondition (which actually does a bit of work and then delegates to a UrlMembershipCondition object). I hjave given it a trong name and successfully installed it in the GAC, but an attempt to add it to the policy assemblies in the config msc tool gives ...

What excatly did you have to do? I have webserver A and Files servers B,C,D,E what do i need to configure? -- bbrantly ------------------------------------------------------------------------ Posted via [link] ------------------------------------------------------------------------ View this thread: [link] ...

I wrote a program and installed it xcopy logged onto User A. Everything works OK. When User B logs on and attempts to run a part of the program which writes to a log file, the following error comes up. ...

I have a Win98 laptop which is connected to our local network. I want to run a .NET program which is located on a server, but I am not allowed to by the laptop. If I copy the exe to the harddisc, it will run ok. ...

How to protect session states when using ajax ? give a me link about the topic . thanks for the answers ...

I get some marvelous error from my c# program again & again, i guess it is a security exception error, so i disable security with caspol -s off, give it full trust, copy it to hard drive, copy it to cd drive, sign it with public/private key, in all these cases i got the same exception, i use framework 1.1.4322. and just want to read the file, not write to it, also i am admin of my computer! and it is in the same directory. why i got this error? ...

Hello there, I am facing a problem with CFileDialog and ImpersonateLoggedOnUser on Win2k system. I wrote a small program to run on Win2k, after starting the application from Non-Adminstrator account, can run and open some administrator restricted files after giving Adimistrator user name and password. For that I use ImpersonateLoggedOnUser. But CFileDialog fuction fails when you login using administrator account. Any Idea why this is happening. here is how I used these calls: ...

We have a .NET GUI that is talking to a backend J2EE server using a proprietary bridging solution (not webservices). All of the GUI users logon to their machines, which in turn authenticates them against ActiveDirectory. So by the time the user pulls up the GUI s/he has already been authed against ActiveDirectory. So far, so good. The problem now arises as the J2EE server is protected against ActiveDirectory as well. So any access to the J2EE server requires user/pass to go against ActiveDirectory for auth/auth. We need to be able to extract the user/pass from the GUI and pass it down to the J2EE server for auth. Yes I know -- "we cant gain access to the password because of..." ...

Good morning, I'd appreciate it if anyone had feedback on this particular scenario. It is my understanding that a process' primary thread is allocated a security/access token upon creation. My question is: How does one reproduce (through software) the 'Connect As' ...

having trouble posting. testing -------------------------------- From: mathew mathew ----------------------- Posted by a user from .NET 247 ([link]) <Id>0BzER6NfxEaPkL/UUHCPvQ==</Id> ...

Hi, I am porting a client program from Java to .NET. In a nut shell I need to encrypt some data and send it over to a linux server, where the data is decrypted using openssl libraries. The public/private keys are generated with openssl routines. ...

Hi all, I am trying to write a small utility using CAPICOM. What I am trying to do is use a smart card and create enveloped data. As long as I use alogorithm like rs2,rs4 or triple des the code works fine. ...

(Type your message here) -------------------------------- From: veer prasad Hi...Friends.. Plz.. help me ..for this task. Role based security:- The database consists of two table one table consists of user name and password and role second table consists of role and pages ...

I have a Windows Control too, but built on C# and, I have the same problem. I would like to know how set the permissions on the NET Framework Configuration Manager, the app just run on the local intranet but just work on my machine ...

Hi everyone, Im designing a web app which will run as an executable from a network share. The problem is the security exception that keeps popping up. How do I set the permissions with the caspol tool.Is there a painless way to do this.The reason is caus I have  about a hundred users who need  to access this app and it would be impossible to walk to each persons desk .The company has not had this issue cause they were working with vb apps and they worked fine. ...

I'm having a PrincipalPermission problem.  Here's what I've done: 1) In IIS directory security, I've disabled Anonymous access and enabled Integrated Windows Authentication. 2) Created a local windows group called "TESTERS" 3) Created a local windows user called "TESTUSER" ...

Hi All, I am new to web service consuming... and so need some help and advice. We need to consume a web service (by a third party vendor), to get some information. We are using C# on .NET 1.1 and WSE 1.0SP1. The service uses https://. We also need a two-way certification for accessing the data. I have imported the certificate (provided by the vendor) under my personal settings. ...

I have created windows control. This control I have included with Object tag in web page. It works in IE. Within control I am accesing aspx pages from same server. Parent page which has this control is authonticated. I am using windows authontication for web application. ...

(Type your message here) -------------------------------- From: a g Hi guys.. need your help. We have abc.asp page on the source server which calls a .net component on that server. The component is in MTS running under say "domain2\id1" identity. The component uses HttpWebRequest to call xyz.asp on the target server. Both servers are under the same domain say domain1 and there is a trust between domain1 and domain2. ...

I'm looking for a way to get a remote HTTPS server's public certificate. I want to use this to encrypt data that will eventually be sent to that server via HTTPS, but I don't want the data to be readable on the computer's hard ...

Hi, I'm in process to develop thin control, that will be used in our web pages and IE. Control itself uses tag <object> and compiled in one assembly, that referenced another 2 assemblies, generated by VS as wrappers around COM object (Ax & regular version). ...

I have a parent directory that is open to anonymous users and a sub directory that is restricted to authenticated users.  However the user is redirected to the login page and after a successful login, forms authentication does not ...

Hi, in a asp-vb.net web application, i have a login page. when i use the login page with http:// url, everything is fine, authentication works. when i work with https:// it also works. when i change from https to http after the login (only login works with SSL) ...

well - no built in way, at least. you could pass the information manually in a header or a parameter. You then have to make sure noone can tamper with your packets on the wire. you could accomplish this by using SSL - or message level security, aka WS:Security as provided in the WSE2 toolkit. ...