Security :: Getting URL From Another Domain?

Feb 3, 2010

I have one web site in asp.net, c#.

This site needs to get a request from another web site/different domain. How can I check whether the request is coming from right web site so that no any hacker will take an opportunity to enter in my web site.

For this, client does not want to share encryption logic, query string or stroring session state in the same cookie.

View 4 Replies


Similar Messages:

Security :: Impersonation With Domain Account Without Joining The Domain?

Sep 28, 2010

My feeling says it's not posible but anyway I am curious if there is at least a workaround for accomplish this.Basically I am working at my client site and my machine is not connected to the domain.What I want to do is running a web application locally under a domain account, and using the webdev server.The webapp uses the default authentication, windows authentication that is.I tried using impersonation with domainuser & password but I got the following error Could not create Windows user token from the credentials specified in the config file. Error from the operating system 'Logon failure: unknown user name or bad password.I have to mention that the username and the password are correct.

View 2 Replies

Security :: Unable To Log In On Domain Which Redirects To Another Domain?

Jul 23, 2010

I have a domain: http://www.mydomain.com. This domain is redirected to http://mydomain.anotherDomain.com.

I user forms authorization, so when the user navigates to Default.aspx he is redirected to Login.aspx. Pretty standard stuff.

On FireFox the user can log in on both on http://www.mydomain.com and http://mydomain.anotherDomain.com.

But with Explorer http://www.mydomain.com doesn't work. I only get the Login.aspx page.

Can it have anything to do with that on http://www.mydomain.com I can't see the filename ('Default.aspx', 'Login.aspx')? How can I enable so the filename is included in the redirected domain?

View 3 Replies

Security :: How To Set IIS To Handle Both Domain And Non-domain Users

Jan 27, 2011

I have an intranet web application. There are 2 user groups, group A belongs to the domain and group B does not. If I set the IIS to enable anonymous access, Request.ServerVariables("LOGON_USER") always return nothing. If I disable anonymous access and set Integrated Windows authenication, a Windows login prompt will come up if group B's users want to access the website.

How can I setup IIS so that when domain user access the website, it will direct to the main page with Session("user_name") = Request.ServerVariables("LOGON_USER"). If a user is not a domain user, the website will direct him/her to a login.aspx instead of having the Windows authenication prompt, then set Session("user_name") = txtUserName.Text, and finally redirect to the website main page ?

View 2 Replies

Security :: Login From Webform On One Domain To Another Domain?

Apr 12, 2010

We have a website for our company on one domain and we have a login form to a webmail solution on another domain.Now i would like to build a form on our website the transfers the request to the login form on the webmail domain and automatically validate the user if user and pass are correct.Need help to find the correct way of doing this. The domains is hosted by our company, the website and webmail is on different servers. I don't want to use the querystring,

View 3 Replies

Security :: Domain Attribute In Web.config Is Unrecognized Attribute 'domain' In Asp.net 1.1

Jan 21, 2011

I am trying to achieve a SSO implimentation across my websites so i am using the machine key attribute to do so.now the trouble starts here as the website the user logs in is on the .net 1.1 framework and the website it it navigating to is .net 4.0.I have share the same machine-key across both the application . It works fine in my testing environment but as i move to the deployment server ,it just dosent work !So what i could do is read this article on MSDN :

http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx
this tells me to add a domin attribute like below
<forms loginUrl="~Login.aspx" defaultUrl="Default.aspx" protection="All" timeout="80" name=".ASPXAuth" domain="asbc.com"/>
but this thing just dosent work on the 1.1 application and throws an error Unrecognized attribute 'domain'.

Where do i get to mention the domin in my 1.1 application.?

View 3 Replies

Security :: Login From A Different Domain?

Jan 16, 2011

I have a web server in a stand alone domain that does not have a trust relationship with the main domain.

Is it possible to authenticate against the main domain with a web application hosted on the stand alone domain?

View 1 Replies

Security :: How To Get Windows Domain Name And Username

Jan 19, 2011

My intranet web application uses Forms Authentication. How do i get the Active directory domain nameusername of the logged in user. The IIS directory security settings for the app are:

Anonymous User Access : Ticked
Integrated Windows Authentication : Ticked

I tried using the following but to no avail

System.Security.Principal.WindowsIdentity.GetCurrent().Name ----> returns NT AUTHORITYNETWORK SERVICE
Request.LogonUserIdentity.Name -----> returns The username used for anonymous access

ineed to pass this information to an external application for the current user to gain access to the system. Can i untick Anonymous user access in IIS and continue using forms authentication? what are the other options.

View 3 Replies

Security :: Getting All Users In A Group On A Domain?

Nov 16, 2010

is there a way i could find out how to get all the users in a group on my domain, i have a domain called "cot", within that domain we have multiple groups like "RO,Admin,PM,SPM and 2 or 3 more", i need to get all the users in a particular group, i am using vs2008 and coding on webforms with c#, i have tried various example i could find online but none have worked for me so far.

View 3 Replies

Security :: How To Authenticate Users From Different Domain Of IIS

Oct 28, 2010

I have the IIS webserver on Domain A. I have many users on Domain B, C, D, E.

I've set the NTFS security permission for each user and his/her domain to the webserver's security ntfs permission folder. But it is still not authenticating. So what do I need to do to enable this feature? I am using windows 2003 webserver.

View 2 Replies

Security :: Separate Record Of One Domain To Another?

Mar 6, 2011

I have a problem. On the one domain [URL] save employees in another domain [URL] save other employees. What is the best solution for this? Do I need to save each table id_domain?

Example:
Table: tbl_domainname
ID, domainname
1, [URL]
2, [URL]

Then, in each table ID_domene I save?

tbl_employees:
ID, ID_domain, firstname
1 1 firstname1
2 1 firstname2
3 2 firstname1000

Is there any better way to do this?

View 4 Replies

Security :: Getting Logged In Domain User

Apr 5, 2010

All I'm trying to do is pull the current user's login name from Active Directory. I've tried User.Identity.Name.ToString, which returned nothing at all. I tried Environment.UserName.ToString, Which returned "NETWORK SERVICE" which is not the firstname.lastname username that I was expecting.

View 3 Replies

Security :: Login From Another Domain To Website?

Sep 28, 2010

I have a small website that uses the asp login control and now i want to allow a user login from another website that i have. The problem is the other website is only html not aspx and i'm not sure how to write the form to login. here is the login i'm currently using:

[Code]....

once the users click login the form post back to the server and verifies the credentials and retrieves the necessary information. How can i login to my website from the other website?

View 1 Replies

Security :: Login Page Using Domain Account?

Feb 8, 2010

I am trying to build a login page as follows.On the machine on which i want to host the application i have a windows administrators group in which some windows domain users are.Now on building the login page i only want those people to access the application on login. What is the best way to acomplish this.

View 1 Replies

Security :: Windows Authentication For Several Sites In One Domain

Jun 18, 2010

I have two different web sites in Intranet zone. They are placed in one domain (like http://site1 and http://site2.site1). They use Windows Authentication for common domain (like mycorpUser1, mycorpUser2, mycorpUser3).First web site(http://site1) have iframe element with hyperlink to second web site(http://site2.site1). When user loads first web site he needs write login and password twice. How to make that http://site1 and http://site2.site1 ask authentication only once?

View 2 Replies

Security :: User Details Access In Different Domain

Mar 9, 2010

Im working on an application that has a login section that accepts a username and password. On successful login a userid is returned and encrypted with TripleDesKey. The user details are then stored in a session object. We already have a class library that performs encryption and decryption using a key in the web.config file. I basically want to be able to access the user details of the currently logged in user in a page accessed from the main site that may be in a different domain, but is effectively part of the same site, so I wont have access to the session object from the main site. so basically a user logs in, I have the user details stored in a session object, I also have access to the encrypted userid also in a session object. If a user then clicks a link to another page that is in a different domain, how do I persist the userID?

I suppose I could I tag the encrypted userid to the querystring, but security could be an issue here (even though the id is encrypted, someone could still modify it)

View 2 Replies

Security :: Using Roles With Windows Domain Login?

Dec 7, 2010

I've built a windows 2003 server at work with SQL server 2008, we normally login to a domain of which I don't have administrator access. Is there a way I can build and use a database of Roles to work with logged in users?

View 3 Replies

Security :: Can't Share Cookie Between Domain And Subdomain

Mar 8, 2010

I have two websites (domain and subdomain), something like this: www.website.ro and en.website.ro and I am trying to share a cookie between them. I have set the cookie domain to "website.ro", I tried setting it to ".website.ro", but it doesn't work. I can only read the cookie in the website that created it.

View 5 Replies

Security :: How To Allow Users Out Of The Domain To Access Site

Jun 29, 2010

Currently in my application using LDAP to authenticate user to a specific domain & then i check if the user exist in my site database.

Now i need to also allow users who do not belong to this specific LDAP domain to access my site ..How can i make it possible withoput affecting the exisiting users?

View 1 Replies

Security :: Restrict Access To Domain Users Only?

May 12, 2010

I have just started to use asp.net mvc.

I have read this article about using ntlm authentication

[Code]....

it provides access to specific domain users

[Code]....

I want to restrict access to all my domain users only lets say

[Authorize(Domain="redmond")]

or do I do it via web.config

View 2 Replies

Security :: How To Get The Domain An Intranet User Is Coming From

Jul 16, 2010

We are using IIS6 and .Net Framework 2.0 for our intranet with Windows and Digest Authentication . We have 2 domains that have access to this intranet. I suddenly have the need to display slightly different content for users from Domain A. The changes are rather trivial (text on a label and and image in a header) but important to our stakeholders.

View 4 Replies

Security :: How To Write A Cookie For A Different Sub-Domain With No Encryption

Aug 10, 2010

I'd like to write out a cookie for a different sub-domain than the one I'm running in. Basically, what I want to do is have a php forum page automatically be authenticated from the asp.net login.That is, I have[URL]When the user log's in to www.mysite.com, I want to write a cookie out that the forum.mysite.com can pick up. It's only going to have the username in it so no encryption is needed. Nothing unsafe best I can tell. I've tried the below code but that still seems to make an encrypted cookie. I need to read it back into php unencrypted.

[Code]....

View 2 Replies

Geolocation Information With Asp.net Mvc (cross Domain Security)

Jan 20, 2010

How can I get a user's geolocation information (City and Country - internet service provider and internet speed would also be great) based on their IP address?

I've searched and found several tools for doing this but I seem to run into problems using them with asp.net mvc. Many of them relate to using json and the "security risk" involved in cross domain ajax calls.

View 1 Replies

Security :: Two Applications Using Same Domain / Common Authentication Possible

Feb 19, 2010

I have a case where i have two asp.net applications, one is hosted on example.com/App1 and the other on /App2.

both applications are password protected using Windows authentication.

App1/default.aspx has a <img src="/App2/somefile.aspx">

Now what happens when i open App1 is that i get the credentials prompt, but because App2 is also protected, the HTTP GET for the img requires me to authenticate, in other words i get two prompts.

Is it possible to do something so that the authentication is for example.com so that both App1 and App2 consider the user authenticated?

View 4 Replies

Security :: Adding Domain User Roles To A Web App?

Jun 18, 2010

I want to make my domain administrators the administrators to my web application so that they are the only ones that can change content. All other users would simply be able to read the material. I am relatively new to web apps and I can not seem to find what I am looking for anywhere on the net.

View 2 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved