I have an intranet web application, where i have windows authentication = true in web.config. I hear from end users that the website is aksing for their login credentials and they don't like it. By the way i am getting theusername from HttpContext.Current.User.Identity.Name and Domain Name from Mid(UserNameID, 1, InStr(UserNameID, "") - 1).In IIS, anonymous access is unchecked and Integrated wnidows authentication is selected.
Is the above possible? Basically i need it as I am creating a site where users can upload files to a shared network drive which is secure and has a system account
When a user clicks on upload file, If possible I would like the page to automatically kind of log in with the system account, copy the files and then log off. I know I could achieve something similar mapping a drive but would prefer not to do that for these reasons;
- Security risk if the mapped drive for some reason isnt removed by the code
have been facing a problem in passing credentials to a web service. I have searched a lot on it and found solution but they didn't work for me coz the scenario with me little different I believe.The situation is like this. I have a 3rd party web service "https://3rdpartyserver/virtualdirectroy/service/service.aspx".So when I try to browse the service in IE it takes me to the login page ("https://3rdpartyserver/virtualdirectroy/Loginpage.aspx"), when I enter usename and password in it and hit Log In button it takes me to the service where all the web methods are listed
I have a zealous network administrator who insists that we must use https on an intranet web application in order to safeguard user's credentials. The app is an asp.net web app that uses Windows Authentication to automatically identify users and log them in. There is no login dialog and user's never enter their login or password. The application does not process any confidential data, and the only rationale for requiring https is to "safeguard" users credentials. Additionally he stated that ntlm can be easily hacked.I responded with some information from an MS white paper on Windows Authentication that said it was the recommended way of authenticating users, and that user's credentials were safe because their passwords are not transmitted across the network when the application authenticates them since it sends a hash of the password.
I'm running an ASP page that is using a WCF client to get some data. How can I set/pass the Network Credentials (of the user that performed the request, not the .net pool thread) on the WCF client so the WCF service will be able to perform impersonation using these credentials ?
Is it possible to bypass the NT challenge login, and just have a standard webform login, then authenticating programtically as that user and passing those credentials manually to my connection string so that the database sees me as that user?
Hello all. I created a class that runs fine when using it with web forms, however when i create a Windows service and try to run it I recieve a NullReference error. Im not sure what else to do since the class works fine.Here is a snippet.
The service
public partial class Service1 : ServiceBase { //Timer object Timer RunTime; QBridge bridge_object = new QBridge() double test_interval = 40000; //test value public Service1() { InitializeComponent(); } protected override void OnStart(string[] args) { //Send email notification that intakes were pushed //bridge_object.SendNotification(bridge_object.service_startedtext); RunTime = new Timer(30000); //set the elapsed event RunTime.Elapsed += new ElapsedEventHandler(RunTime_Elapsed); //RunTime.Interval = SetInterval(); //calculated interval RunTime.Interval = test_interval; // test interval RunTime.Enbled = true; //set timer to true //QBridge bridge_object = new QBridge(); //bridge_object.SendNotification("start"); //SendNotification("start"); } protected override void OnStop() { RunTime.Enabled = false; RunTime.Dispose(); try { bridge_object.SendNotification("stop"); } catch (NullReferenceException nre) { System.Windows.Forms.MessageBox.Show("Error " + nre); } catch (Exception er) { System.Windows.Forms.MessageBox.Show("Error " + er); } //SendNotification("end"); } //Included this to test locally. works fine when just calling the method protected void RunTime_Elapsed(object source, ElapsedEventArgs e) { //SendNotification("run"); try { bridge_object.SendNotification(run); } catch (NullReferenceException nre) { System.Windows.Forms.MessageBox.Show("Error " + nre); } catch (Exception er) { System.Windows.Forms.MessageBox.Show("Error " + er); } } public void SendNotification(string email_text) { MailMessage initial = new MailMessage(); initial.Bcc.Add(new MailAddress("")); initial.From = new MailAddress(""); initial.Subject = "Web notification"; initial.IsBodyHtml = true; initial.Body = email_text; SmtpClient mailClient = new SmtpClient("192.168.1.1"); try { mailClient.Send(initial); } catch (Exception ex) { } } } Class using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Net.Mail; using System.IO; using System.Configuration; using System.Data.SqlClient; using System.Data; namespace Intake { public class QBridge { SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString); private string login_error; public QBridge() { } public void SendNotification(string email_text) { MailMessage initial = new MailMessage(); initial.Bcc.Add(new MailAddress("")); initial.From = new MailAddress(""); initial.Subject = "Web notification"; initial.IsBodyHtml = true; initial.Body = email_text; SmtpClient mailClient = new SmtpClient("192.168.1.1"); try { mailClient.Send(initial); } catch (Exception ex) { } } } }
Wondering if there is a performance difference between letting a long running process hang in asp.net vs running the process via a windows service. I have done this once before and the windows service was much quicker and didnt bog down my system, whereas the asp.net request seemed to wreak havoc.
I want to add quartz scheduling to an ASP.NET application.It will be used to send queued up emails.What are the pros and cons of running quartz.net as windows service vs embedded.My main concern is how Quartz.NET in embedded mode handles variable number of worker processes in IIS.
I am trying to access a wcf service hosted on a server running on a virtual machine on a windows 2008 R2 hyperv. When i access this service when running my asp.net website through code everything works fine how ever when i deploy the application on the local IIS , in the deployed mode i am getting an securityaccessdeined exception. My Asp.net app is running on a IIS server on another virtual machine. The stack trace is as given below :
Environment Info: My asp.net app has built on .NET 4.0 framework using VS2010. My WCF services are based on .NET2.0 framework. Event code: 3005
Event message: An unhandled exception has occurred.
I'm working on an ASP.NET project for the first time in about three years; in the meantime I've been working with Python/Django, PHP and Obj-C. Anyways, picked it right back up... except something that is totally killing me right now, and I have a feeling it must be staring me in the face:
I'm trying to bind to an LDAP server, for the purpose of authenticating users. The way it works here is, you bind on your own credentials, use that to find the Distinguished Name of the user you're authenticating, then you bind again on their DN and their password. If the bind is successful, the password was correct and the user can be authenticated.
Here's the problem - the first bind (on the fixed credentials, the ones with the ability to search for users and their subtrees) works fine. The search works fine. The second bind fails, no matter what, with the LDAP error INVALID_CREDENTIALS. This happens even when completely valid credentials are supplied.
Here's the code, with the usernames and passwords redacted, of course...
I want to implement client certificate in IIS 7.5 in windows 7. As per my knowladge I need to setup server certificate first for IIS. But I could not figure out how to do that.
I have to invoke SSIS packages from web service in the most secure way. I think that windows authentication will be secure but i am not sure. I do not have much knowledge about how to achieve this and the information on the internet is very distributed.
'm trying to publish an asp.net website on a remote server. When my code tries to connect to the database, I get the error message described in the question title. Now, I've gone into the Microsoft SQL Server Management Studio for SSE 2008 and can see the list of logins. NT AUTHORITYNETWORK SERVICE is there, but I'm not sure what settings I need to change to allow this user to access the database. I've tried using impersonation in my web.config file using the windows login credentials for the server, but that just brings up the same error message, with my windows username instead of NETWORK SERVICE.
in my case, It is the windows service which in running the long running insert/update on a table and I need to cancel the operation from my ASP.NET application. In the above link Burnsys suggests that one should kill the Sql server session. Is that really only way and a goood practice to do this? Also, in the same poset can use SqlCommand.Cancel to cancel. However, I am not sure how can I cancel the command from the windows service from ASP.NET application.
My WCF Client calls my WCF Service which then calls ASMX Web Service. The problem is i have configured my wcf client and wcf service to windows credentials type but when wcf service calls asmx service the user credentials (default windowsidentity) is not passed to asmx service.
In WCF Service i am able to get user identity by using : Thread.CurrentPrincipal.Identity.Name; WCF Service - i have disabled anonymous access and enabled windows authentication. ASMX Web Service - i have disabled anonymous access and enabled windows authentication. WCF Service Config [Code]....
I have a web application that uses a SQL database which contains all the standard asp membership tables.Within my Web application I use the standard asp.net membersip logic for adding new users, roles, etc...The point here is I dont use any custom providers for anything.Now on that same machine that is hosting my web application I am writing a Windows service in c# .net.As part of one of the method calls to the windows service application I was curious if I would be able to use any type of membership classes that would connect to my existing database and perform the same functionality as does the ASP.NET membership classes.
Is it possible to remotly login into Windows using ASP? What I'm trying to accomplish is, that I could remotly call a ASP page on my server (Apache on Win Vista) that logs in a user on that system. For example remotly I start a Wake-On-Lan to start the computer (server). It boots up to the user login screen where I would have to enter my password to login to the desktop. Because the service is already running at that time, I would like to open a ASP page from my client that I could pass the windows user/password and the ASP-service would login the user on the server machine.
i have made one web site which is generating screensaver(MSI) dynamically.So to generate the MSI file i have to build a WIX project.So i executed using batch file which will use MSBuild.exe and cmd prompt. so its gave me an error "Access is Denied". i have also tried by making a windiws service but still the same error occurs.
I want to access membership and profile objects and wants to access profile properties that I have defined in my web app web.config file, from a windows service. Anyone have any idea on how to do this?