I am interested in finding out how I would go about displaying a website wiithout forms authentication but to utilise forms authentication when the user makes a request by clicking in the signin button, and then the user will view other pages that are private and secure,
View 2 RepliesI have built an ASP.NET application that needs to be password protected. This application will be installed on multiple offline computers, and we need to make sure that when being installed it requires a password. But even if it requires a password, someone can easily copy the database and the published folder and duplicate the application on their system right?
I need a way to prevent this. It should only work on laptops that we have installed it on.
I have a website that is going on a public server so I want to password protect it, but for a while only myself and a couple of others will be using it. I will eventually get it together to do it right and have the users in a database etc, but for now, I just want to put a couple of users with their passwords in the web.config and have them authenticate on a login page.
View 2 Repliesi have a problem in my asp application . Im trying to protect the path for my application using this code :
Uri t = Request.UrlReferrer;
I've got SL application where i should implement file managment subsystem. I've got hierarchical structure of filesfolders(just description). Also each filefolder has its own permissions to usersgroups. I would like implement that one user who has permission to download file couldn't give it to another user, who hasn't this permission. So if user has download permission he get link [URL] and download it. But he could give this link to another person without permission.
View 2 RepliesI have a site in development with several web services (ASMX) that post important data to my database. When I navigate to the ASMX file in my browser, I can fill in the form with the parameters and post to the DB. If someone finds the URL to my WS, they can severely alter my database. I want to prevent people from being able to post to my WS publicly. So far, I've thought of two things that may but I'd like to know if there are any other ways:
Check to see if the HTTP Referrer to the WS method is the domain the WS is on Add an additional parameter called Key to all important WS methods and have this be an encrypted "password." Then encrypt my stored password on the WS side and compare if the keys match.
I have developed An Inventory Management System in ASP.Net . The application is hosted now ... From manager to data entry operator every1 z having seperate login , roles and limitation to access website ... From Our office every1 is accessing the application and working on it. My question is even they can access the apllication from public PC (Browseing Center) ?? coz they knew the password. Am i rite. Now, I need to restrict my application access in public PC (Browseing Center)? Can i limit accessing of my website application only in office not in public PC (Browseing Center)? can i allow certain IP to access my website application?
View 11 RepliesCode:
Sub btnLogin_OnClick(Src As Object, E As EventArgs)
Dim myConnection As OleDbConnection
Dim myCommand As OleDbCommand
[code]....
I found this code for user authentication. How secure is this? Can this be bypassed? Can I protect a MySQL database with a password? Can people see a MySQL database's data if it's not protected?
<system.net>
<mailSettings>
<smtp from="email@domain.com" deliveryMethod="Network">
<network clientDomain="www.domain.com" host="smtp.live.com" defaultCredentials="false" port="25" userName=" email@domain.com " password="password" enableSsl="true" />
</smtp>
</mailSettings>
</system.net>
This is the case where I need encryption for my password. I searched and googled much on the web but I can't be able to encrypt anymore.
I need to preteect text file from vewing because it include usernam and password
View 1 RepliesI have a ASP.NET page called admin.aspx that needs to be protected from direct access.
I want it to be accessed only when the user enter his name & password in another page called login.aspx I'm working in ASP.NET with Visual Basic .NET 2008,how to do it.
I have a site where most of my pages are arranged in business area folders, e.g. Activations, Outdoors, Branding. Each folder has a small web.config that protects the contents against access by people without a role for that business area.
However, basic admin for most business areas is done via Dynamic Data pages. These are only basically protected by not appearing in the menu unless the user has the correct role, but they are still accessible directly via URL, because of the {table}/{Action} routing used by Dynamic Data. What can I do to protect these pages against direct access?
I have to use windows login (name,password) for my application.(Intranet)
string strHostName = System.Net.Dns.GetHostName();
It works fine on my system but use the ulr on any other system, it returns the same result(i.e., MY System's name).
I need to send a password from a windows application to the web (asp.net) in order to automatically login the user on the web (e.g.: opening hotmail from windows live messenger).
I thought about hash code, but the problem is: the value will be stored on user browser history (querystring).
how to pass a one-time valid key (a key that is valid for only one use) using querystring?
I have to enter the username and password and login in to a site say gmail, from my web application.
is der any way wherein i can give the user id and password in my application and try to signon to the other application using c# code.
Can this be done using c# .net ?
Anyone know why the minimum password length is 6 chars?
I can't find any reference to this anywhere.
I can recover my password but when I try to change my password to something a bit easier to remember it gives me:
Password incorrect or New Password invalid. New Password length minimum: 7. Non-alphanumeric characters required: 1.
i want to login with window username and password using active directrory in my asp.net application.
View 3 RepliesMe with C# asp.net
I want to show the admin pages only after logging in a form with username and password and also want to logout from the admin pages, if in the browser history select a admin page after logout it should not be shown
how can I do it.
Foe getting Logon computer username i m using digest authntication mode. But when i browse website it's asking for username and password. while already windows login with the same username.
I understood that in this auhtntication mode it's required. But r there any configuration with it i am not getting this Prompt ? Any group ploicy ??
For IE i have added website into trusted zone but still it's asking for username and password.
R there any other way i getting Computer logon name in asp.net application. There are But only work when i run from Editor from IIS it's not retuning value.
I'm going to publish an asp.net pre-compiled web site on shared hosting account but I don't want my code to be copied and able to run on another domain. I need to check domain and if not example.com or www.example.com redirect to error page or show error as response.
EDIT: Here is my solution based on given answers
void Application_BeginRequest(object sender, EventArgs e)
{
string[] safeDomains = new string[] { "localhost",
"example.com", "www.example.com" };
if (!((IList)safeDomains).Contains(Request.ServerVariables["SERVER_NAME"]))
{
Response.Write("Domain not allowed!");
Response.End();
}
}
I have a requirement for building an instant messenger application for the selected user.
I have googled for the solution but without any sucess.My requirement is once a user initiates a chat with another user,the another user needs to get a popup of the chat window,where the two users can start chatting.
In my development environment everything works as I expect. I can access all the pages and as soon as I get to a secured page I check the Request.IsAuthenticated and redirect to the login page if needed. The problems starts when I deploy the project under IIS7. When I access the site I'm being redirected to the login page (as defined in the web.config) although it suppose to be a public page... If I disable the Form Authentication in the admin console Request.IsAuthenticated always return true.So
How can I make IIS behaves like my ASP.NET development server?
p.s.
I'm working with asp.net MVC
I'm working on a website that streams audio files for the user from a directory on the server machine. How do I protect the audio files from users being able to navigate to the folder and just downloading them locally, but still provide them access to stream them? If I set permissions on the folder via IIS, is there a level that I can set so that the server can stream but not allow anonymous access?I'm sure there is a tutorial or other thread about this out there, it's just hard to search for this specific issue. Any help or a simple link to another thread/tutorial
View 3 RepliesUser downloads a document from a specified site, saves to the local disk and fills in confidential details. When other users logs on to this computer and if they try to access the file, the document should not be accessible. Also consider that the document can be saved to a common server too, in which case, no one else other than the person who downloaded and filled the document should be able to open the document.
some options to protect this document.