.NET Security

I have seen a number of postings with problems similar to this: W2k Pro  sp4 fully patched IIS 5 web service:  ssl enabled; requiring client certificates Running on same machine as client Client .NET 1.1 console application in C#: ...

Hi.  Under the Microsoft .Net 1.1 Wizards there are 3 wizards: 1) Adjust .Net Security 2) Trust an Assembly 3) Fix an application. I want to use the Trust an Assembly wizard to trust several assemblies (from a network share).  However, it seems to insist that I only select one ...

I'm trying to use TripleDESCryptoServiceProvider to encrypt some data to authenticate with a DESFire card, however, the default key is 16 zeros which causes a CryptographicExecption to be thrown; it complains about weak keys. The card also supports Key1 = Key2, which gives DES support; This also ...

How can I, through VB.NET, find out if somebody has access to a specified directory? The directory will be on an 2000 Server. TIA. Jeffrey. ...

Hi. We are creating an intranet here in ASP.NET and we decided that we are going to use a kind of Forms Authentication but using the users in our windows domain. So, we are creating a default login form, but the user will use the name ...

I have been using AzMan for a security proof of concept and really like what it has to offer.  Our company has over 3500 XP user workstations.  The new version of software that we are building and preparing to roll out needs ...

Hi, there:   This might be a newbie question. I want my web service to require a certificate to access, so I go to IIS my virtual directory property and Directory Security page. I found the "secure communication" secion including ...

What is the difference between Full Trust and Everything in .NET security configuration? I know there is a difference, because if I take the following steps, I can't even get a simple winform app to run: 1. Create a code group for the My Computer Zone ...

Is there a way in .Net to specify that an embedded resource can only be accessed from within the assembly?  Or, in general, what is the best/most secure way of storing a client-side cert without having to have a user profile? ...

Ping.  Again.  Has no-one really run into this?  Does anyone from Microsoft read these groups at all?!?!?!?         Ignus ...

OK - I have a few different things going on here which appear to be confusing me. I definitely had the scenario described below where I had executed some code but later got a security exception saying I didnt have execute permission. ...

You mean the name of the caller?? That's in  SecurityCallContext.CurrentCall.DirectCaller.AccountName --- Dominick Baier - DevelopMentor [link]    nntp://news.microsoft.com/microsoft.public.dotnet.security/<#ttsf3hLFHA.1***@TK2MSFTNGP15.phx.gbl> ...

We have a COM+ application written in C# (a serviced component) thats get accessed by remote hosts on the network. How do I obtain the WindowsIdentity of the caller of my serviced-component? Regards Morten ...