[Code]....
i have a above connections string in which i use UserName: taha1_ID2, Password: taha321, and SQL Server DataBase Name:taha1_web2 How can we encrypt it in web.Config
Note: All the above are fake.
How to secure the connection string in the webconfig the best way
View 1 RepliesIn my environment, we use Active Directory as our password repository. I'm writing an app that uses the users windows session (windows auth) to authenticate the user. This is working well, but I need to provide a way for users to log in as a different user. I setup a web form to accept a username and password. My question is this, I need a secure way to validate the user's credentials against AD. I cant have the credentials passed as clear text. Ive come across the impersonate user functions, but i'm leary because you have to pass a clear text password into the password field. I know I could also use LDAP, but without a certificate, I know plain LDAP is relatively insecure. Can someone point me in the right direction of a more secure solution to query AD with the credentials?
View 3 Repliesi have my own cloude server. with iis7(OS:window server 2008) . i want to deploy my webApplication on that can u tell me best configuration of iis7 and webconfig file for my application.
View 3 Repliesi try to make website inside folder and this folder it have webconfig file ex.
root/websit1 this a website
i will make another one inside the first one
root/website1/website2
and both it have webconfig file and site map. if remove webconfig from seconde websites is work fine but if i leave it show error this msg
[Code]....
I have a website application which performs a function which I need to integrate into my main website application. Right now I'm getting errors as I copy and paste the parts of the web.config file from the working app into my main app. When I just paste in the assemblies, I get 2 errors. I'm just going to just paste both of them here and if you think you integrate them, I'd really appreciate it if you would paste it here in the thread.
[Code]....
And here is the one I'm trying to integrate into the one above:
[Code]....
How to encrypt email setting in webconfig ?
<mailSettings>
<smtp from="abc@ddd.com">
<network host="174.xxx.xxx" password="xxxxx" userName="abc@ddd.com" port="25"/>
</smtp>
</mailSettings>
I have added few assemblies of microsoft through:-
right click on project name->add reference->com tab
Its get added and are shown in web config like:-
<compilation debug="true">
<assemblies>
<add assembly="Microsoft.....">
</assemblies>
</compilation>
Whatever I want to do using all this, its Working fine locally..
BUT when I upload it, this web config file shows error and doesnt proceed at all and my website goes down.
I am facing strange problem. I have a database connection string in web.config. I am not able to read web.config file. Its perfectly working in our server and my system also. After hosted in outside server, i am not able to read web.config file at all. What could be the problem.
View 18 Replieshow can i access 2 external config files from web.config file.
i have done it for one external file like this in webconfig:
<appSettings file="........">
Now how can i access the second external config file from same webconfig.
I have created a webservice, which debugs fine with no errors, and published this on my localhost server for testing.
I have created a windows app which calls the webservice but am hitting problems as soon as I reach the point where the webservice tries to connect to its database.
The connectionstring is held within the web.config file of the webservice as
>><connectionStrings>
<add name="MyConnectionName" providerName="System.Data.ProviderName" connectionString="server=MyServerName; database=MyDataBaseName;uid=MyUser;pwd=MyPassword;"/>
</connectionStrings>
and called within the code by using the statement
>> System.Configuration.ConfigurationManager.ConnectionStrings["MyConnectionName"].ConnectionString
, and as I said before, this works perfectly when debugging the webservice application directly.
However, the windows application is not seeing the connection properly, if I use the statement as above I get a debug error stating that it is a NULL reference. If I change it to
>> System.Configuration.ConfigurationManager.ConnectionStrings[0].ConnectionString
I no longer get a debug error, but the connection is not made. On testing the above code it believes the name for connection 0 is "localSqlServer" and in both the web app and the webservice the error below is returned.
>>An attempt to attach an auto-named database for file \MyServerMyDirectoryMyProjectMyProjectApp_Dataaspnetdb.mdf failed. A database with the same name exists, or specified file cannot be opened, or it is located on UNC share.
why the windows application see's the correct connection string code as null? Is there additional security I need to add for the web.config file to be accessible? Or does the connection strings need to be relicated within the app.config of the windows app?
Both applications are written in C# and I use Visual Studio 2010, ASP.Net version 4.0.30319
My Web.config customErrors section is given below
<customErrors
mode="RemoteOnly"
defaultRedirect="error.htm"></customErrors>
How can I exclude a aspx page from DefaultRedirect, if errors occur in that page?
We have an IIS/ASP web page from a vendor that we have just dropped onto a webserver within our company. The ASP pages do not come with any sort of authentication built in, so I am trying to configure the site to prompt for credentials before being accessible. I would like the site to prompt for the credentials in all cases (ie. I don't want Internet Explorer to pass through the credentials of the logged in user). I want authorization to this site to be allowed only to members of a certain security group with Active Directory.
Is there a way to do this? I'm not really an IIS guy, nor an ASP developer, so I'm kind of feeling my way through the dark here.
Based on some searching, I have tried adding the following to the web.config file:
[Code]....
I have also installed the IIS URL authorization role service, and have tried playing around with the authentication settings within IIS, to no avail.
I am using IIS7 on Server 2008.
I have precompiled and encrypted my webconfig. What else could I do to make my site secure.
View 2 Repliesi have a single page that needs to be secure (https) , my problem is i dont know how to do it. Can you give me walkthrough on how to do this?
View 1 RepliesHow to make web services secure in asp.net both the asmx and on WCF. Currently we have web services and now are in process of converting them to WCF in some modules in our application. Now as upgradation is in process we like to incorporate security on the web services as we intend to open some of them to all our clients via web (they contain both asmx and WCF as well).
View 1 RepliesI am building a ASP.NET website that has members pages. I have created a folder where I keep the members pages in and that can only be accessed by logging in or creating a new account. The problem is how do I make the url of these members pages secure, so that someone cant simply give the url to another user for them to copy into a browser or bookmark.
View 2 RepliesOn code behind I do subit after the user clicked a button.After this, I am trying to refresh the page, and it sends the submit again. and so, there are duplicates in the database.How can I delete the form details immidietly after the first submit?? orelse, what are my options to deal with such scenarios?
View 2 RepliesI am building an application(asp.net) with online payment so i want to make these payment page SSL enable.
View 1 RepliesI have a folder "uploads" at my FTP and I have to upload all the files in that folder using ASP Fileupload control, but I have to use FTP Credentials to upload the files. Earlier I use to do the same action by giving Write Permission to Internet Guest Account (IUSR) on that folder, but now scenario is different. Also what is the different between both methods? Is there any security concern in File Upload using FTP Credentials?
View 3 RepliesI have a doubt regarding secure cookie.
I have four servers 2 App Server(behind firewall) and 2 webservers and each server is accessing through Load Balancer.
App Server is a modules for Data Access layer and webserver is for Presentation layer.
My Issue is My Load Balancer has Secure certificate installed but certificate is not installed on servers and I want to make cookie as secure in site , as per my understanding " cookie should be set as secure only for SSL site other ways new session will get create every time" so should I install SSL certificate on webserver to make my cookie as secure or will it work properly even if only Load Balance has SSL.
how can secure credit card number in database
using Encryption technique. using stored procedure instead of inline query and what more....
I'm looking for a way I can store username and password credentials in a web.config file & use these values to re-direct to another web service, once these are authenticated.
The process is as follows:
* User logs into our website with required credentials
* There is a link on our website which invokes a new webservice
* The webservice is a paid for subscribed service (which requires authentication)
* Usually, there is a web form for this type of web service but since we need to steam-line the process from initial application logon, the logon page is not required.
* So when the link on our website is clicked, the new webservice is invoked. Authentication should be done by using the credentials in the web.config file and user is redirected to webservice (avoiding logon page)
Could someone tell me using pseudocode or a small asp.net code example how we could achieve this process?
The key goal is to avoid user going into the Logon page and redirecting directly to the URL for usage of the webservice.
How to make a secure login page using sql database by matching a user name and password and redirect them to differnt page as admin and user
View 2 Replies 1)How to make Default.aspx page a Secure socket layer page?
2)How much code does this take?
3 Is it easy ? i have no idea how this works