Secure Crypto Keys Using DPAPI?
Feb 11, 2011
I am writing an asp.net application that encrypts sensitive data which is decrypted by another asp.net application running on different user accounts in the same domain.I have read a lot of articles saying to use DPAPI to pass the key management to the OS level.How can I use DPAPI in this scenario? i don't want to store the crypto key in a file or database.
View 1 Replies
Similar Messages:
Feb 8, 2010
I have a DataGrid that I need to be able to use to delete records form a file
[Code]....
[Code]....
I use
((TextBox)GridMenuOptions.Rows[e.RowIndex].Cells[1].Controls[0]).Text;
To access the data in the Grid for updating, but it doesn't work for deleting
I can use
string id = GridMenuOptions.DataKeys[e.RowIndex].Value.ToString();
but that only returns the first key.
How do I access the rest of the keys?
View 9 Replies
Dec 7, 2010
My current project has many peripheral systems and many different environments (testing, integration, development etc). As expected, we're using .config files to dynamically manage everything.
Instead of updating each relavant key when deploying to an environment, I was hoping there was a way to change 1 key only. Such as:
<add key="Environment" value="Development"/>
<add key="WebServiceLocation" value="http://<<Environment>>/text.asmx"/>
I've done some searching and haven't come up with an elegant solution. I'm aware that .config files can make use of system variables, but this seems like a bit of a high wire act.
View 2 Replies
Jul 13, 2010
My web application will be launched through existing thick client applications. When launched, an HTTP POST request will be generated including information like the userID and additional context information (basically stuff like the target user's name, birthday, etc.).
My plan for authentication is for there to be a look-up table in the database. If the username is already there, automatically login the user, but if there is no entry in the database, redirect the user to an initial login page which will be used to create that database entry.
My question is how to secure this against MITM and other security holes. How can the request generated through the thick client be on an SSL connection? Doesn't an SSL connection have to be authenticated with the username (and password) first? And if so, will the additional context information be publicly exposed until the user is logged in?
View 1 Replies
Oct 25, 2010
I have a browser compatibilty problem with https? I have SSL installed and is in usage. Until today morning, my https part is working well. From then, Https is shown as https(with slashed in red color) saying the page has some insecure content. I have not changed any code and suddenly i see this problem in chrome. In IE 8, i see the same problem but on every page, it shows me a popup if i should allow to opne secure and non secure or just secure. Firefox has no issues . It shows correct https without any problem. I am fed up with it searching all over. Why is this happenening for me in Chrome and IE 8.
View 3 Replies
Oct 24, 2010
I have a custom mini login user control that I have embedded in the top of my website which shows on every page. These pages are non-secure HTTP://. I would like to avoid having to redirect the user to a HTTPS page to perform the login but I definitely don't want to send login credentials to the server in plain text.
I am trying find a method to send the user's login credentials encrypted via https from a non-secure (http) page.
I tried to set the postbackurl for the login button to itself but in https, but the user's input is not retained and the buttonLogin_click is not fired when I set the button postbackurl property. My ASP.net web application is VB.Net framework 4.0
I am assuming this can be done because I see lots of websites where login fields are on available on every page and they are running http and I can believe they are not encrypting the login credentials.
View 3 Replies
Aug 10, 2010
I have a GUI when i log in i create a cookie and it encrypt it. I am usin SSL.
I check in the Login.aspx page if the cookie is secure, which it is. but then before going to the default page it goes to the Global.ascx page.
Here in the Application_AuthenticateRequest it gets the cookie and decrypts it for the default page..
Now i know that it is getting the same cookie as all the other attributes match the one that was created in the Login.aspx page excet that the secure value is "False".
this is the case for all other pages after default. the value of the cookie.secure is false.
why is this happening as i want all the pages to be secure by SSL.
Also the pages are opening as https not http.
here is my web.config
[code]....
View 1 Replies
Jan 18, 2010
After logging to the mvc site using a secure connection (https), calling actions using https connection show up with the user logged in but calling actions using http it bahaves as if user didn't log on. Since I need to use a virtual directory for https connections(and can't use that directory for http connection) Https links start with: [URL]
View 1 Replies
Sep 17, 2010
I'm working on a legacy web application - frames and a mixture of html, asp and aspx. The entire site is https. For some strange reason when I hit a specific page I get the magic message that says the Page contains both secure and nonsecure items. (IE obviously doesn't want to tell me what those resources are) I have checked the page that's being loaded and there are absolutely no http://... links - everything is relative links.
I have fired up fiddler and checked what's being requested - everything looks fine. I am completely at wit's end here. I have absolutely no idea why I'm getting this message, but it's completely screwing with the site.
View 3 Replies
May 28, 2010
I am developing a web application in which the clients wants to send a pdf copy of aa Authenticated Page to users and as well as to the administrator..
As I google about this problem but didnt find any solution.
Because in all cases I have to pass the url of the secure page to the function...and in runtime when function make a webrequest to the page it will always generate the PDFof the login page.
So is there any way to generate the PDF of a secure page in C# ASP.Net
View 1 Replies
Mar 29, 2011
Can function keys be used in a Web application? If so, how
View 1 Replies
Feb 2, 2010
I am developing a cms that will use more than one domain and i have to use only one google map script in my page. Is there a way to use google maps without api key? Otherwise it's not working?
View 4 Replies
Feb 22, 2011
I have an MVC3 with EF4 project. I have a screen for order .Order has 2 id's inside it for Billilng and Shipping AddressID .When I go and create a new order these fields render as single textboxes as Ids'Question is how can I render full address textboxes (addressline1,city,state,zip etc) do I have drop in the html markup for them? In that case while capturing the data back I willl have to go with classic way of retrieving name/value pair and then do insert into address bring back that identity and update the order record...?
Create(int customerID,FormCollection fc){}
So the main question is how can I do ModelBinding with foreign keys?
View 8 Replies
Apr 27, 2010
is it possible to change my debuging kyes instead of function keys..
because am using the laptop and always i have to press "fn" key to prss the f10 or f11
is there any solution ..or can i permanantly press the fn click event ?
View 1 Replies
Feb 24, 2010
I develop a project for this project i want shortcut key, how to assign functional keys
View 2 Replies
Feb 28, 2011
I am using Access 2003 Database and I need to retrieve list of a table's foreign keys and tables they are related to in C#. I used GetSchema() function of OleDbConnection as well as OdbcConnection classes. But It just returns the name of key among few other details.
OdbcConnection con = new OdbcConnection(conStr);
View 6 Replies
Mar 3, 2011
I checking to see if we have any way to return all the keys to array without using the for each loop (there is no constraint for me to use for each loop i am just looking is there any other way)
View 3 Replies
Mar 22, 2011
I am developing asp.net MVC3 application and I have following entity
This entity has composite key (CreditRegistryId and Accoubnt No are primary keys). CreditRegistryId is a foreign key as well. How can I make composite key and foreign key. I am using DbContext API from EF 4.1. I am not using edmx ( ORM designer)
[code]...
View 1 Replies
Nov 10, 2010
I have an EF model with a table with several foreign keys. These foreign keys are managed by associations. In code, I can get a strongly typed list of objects when I access that property on the object.
When I generate a strongly typed view, all I see are the int fields. Is there a way to get ASP.NET MVC to bind to the objects that are related as well as the main object?
View 1 Replies
Nov 7, 2010
I just came across some code that seems to encrypt database keys prior to sending them to the client (WebBrowser, Silverlight, etc).
To illustrate, suppose you have a list of students to extra-curricular activities, and a relationship defined between them. Every time the data is written out to the ASPX page, the studentID and activityID is encrypted. Every time a write, or modify is made, this value is sent back to the server, decrypted, and saved to the database.
What could be the reasons to expose data this way? Is this a normal practice?
View 1 Replies
Mar 2, 2010
I'm getting up to speed with MVC. In all examples that I find, the database tables always seem to have a single autoincrement column as the key. Is this the standard for DB Design when the intent is to use MVC or can MVC cope with compound primary keys that dont necassarily have autoincrement?
Typical DB Design:
[code]....
It's just that obviously in the real world many companies already have a good DB design populated with data based on the classic design style. If I get clients contemplating updating their applications and want to use the MVC framework, will they also need to consider the redesign of the DB?
If MVC can cope with compound key's are there any good examples. I thought that by using binding exclude/include that compound keys are possible, but it wasn't clear to me.
View 1 Replies
Sep 26, 2010
I'm working on a mapping application and will be allowing a user to make a query and have the resulting locations display on a map.I want the users to be able to interact with the map, but I need to know exactly which item they're interacting with, so it would be easiest if when the original query is made, the id's are put in a hidden field somewhere so I can just perform an insert statement based just on the key, rather than having to to another query to find out the key by saying "where location name is x and the coordinates are y, and the description is z" etc.Is this a bad idea, i.e. could anyone do any harm if they discovered that I was storing the primary key in a hidden field?
View 1 Replies
Mar 1, 2011
I am using the web application and i want to use the function keys(f1,f2,...) in my web application as we can do in the windows application.
How can i do this?
View 2 Replies
Aug 10, 2010
whats a good way to test the settings (especially keys) in web.config? I think its not really testable with NUnit, or is it?Example: <add key="SomeKey" value="SomeValue" />
View 2 Replies
Oct 6, 2010
I am using asp.net menu control. In window application we assign shortcut key through '&' sign for accessing menu item but in asp.net this is not working and there is not any property like access key for menu items.
View 5 Replies