.NET Security

The "secure" cookie option dictates that the value of the cookie should only be sent over (unspecified) secure means.  In practice this has come to mean over SSL.  This is critical in keeping session cookies safe from prying eyes. ...

I'm using .NET 2.0 to develop my product. I've built a build system using MSBuild that is building my C# assemblies.  I've created a strong name key pair, and I've extracted the public key into a separate file.  The MSBuild ...

Seems like all of the authentication-related questions I see on the net don't seem to fully answer my question or dive off into alternate tangents.  So, here's my situation. If I'm developing a broad distributed environment, where authentication ...

Hi, I managed to get the login control working with users and roles by using the website configuration tool.  My questions is: this seems to be creating a  database in my SQL server....but how do I get ...

I want to restrict access to my web service to only approved client applications. This has to be done from inside the web service, so Windows Authentication is not an option. I would like to allow the possibility of non windows clients, so I am ...

Sorry if this is a bit of crosspost. I'm using VS2005 and VB.net. I have a DC W2K that has a user group I created, MyUsers, I put existing User Bob in that group. I need in my VB app to determine if the currently logged on user is a member ...

I want to get the details of SSL/TLS security and the certificate details which are implemented on a perticular domain, just by passing domain name (like hotmail.com) with asp .Net code. is it possible? if it is, how? ...

Hello, I need to write a .NET component that will decrypt the data using the 3DES algorithm. The funny thing is that the original encrypted data is encrypted using the CAPICOM dll w/ 3DES. I know the .NET 3DES service provider class needs a 128 bit key for ...

I'm using windows Authentication on an intranet to identify users to the application. I'm having the following problems: 1. When someone accesses the web site, a logon dialog box shows up.  I thought if the user is already logged on, this shouldn't happen.  But ...

I am trying to understand how I can programmatically determine whether I am allowed to create files in a given directory. DirectoryInfo.GetAccessControl() returns a DirectorySecurity object: DirectoryInfo di = new DirectoryInfo(@"c:\MyDir"); DirectorySecurity ds = di.GetAccessControl(); Now I can call ds.AccessRightType, but I don't understand why this returns a ...

We need to do an integrity test at startup for our application (take .exe and compute signature and check against the know signature). Does anyone have info/sample on doing this? I assume we have to have a public key and ...