How can I force page to use secure connection "https". Client might call the page using insecure connection. I want the page to to check connection, if insecure connection "http" is being used, reload the page with secure "https" connection
View 8 RepliesHow to secure the connection string in the webconfig the best way
View 1 RepliesI have a custom mini login user control that I have embedded in the top of my website which shows on every page. These pages are non-secure HTTP://. I would like to avoid having to redirect the user to a HTTPS page to perform the login but I definitely don't want to send login credentials to the server in plain text.
I am trying find a method to send the user's login credentials encrypted via https from a non-secure (http) page.
I tried to set the postbackurl for the login button to itself but in https, but the user's input is not retained and the buttonLogin_click is not fired when I set the button postbackurl property. My ASP.net web application is VB.Net framework 4.0
I am assuming this can be done because I see lots of websites where login fields are on available on every page and they are running http and I can believe they are not encrypting the login credentials.
In my web.config I have:
[Code]....
If I just have ADProvider1 it works, when I add ADProvider2, even though for testing I only use ADProvider1 I get an error: "Unable to establish secure connection with the server" Am I adding the second provider to the membership section incorrectly?
i have asp.net 2.0 web site and in the main root i have some secure pages so if any unauthenticated user try to visit my page the browser redirect him to login.asp page (it was correct) but in my web i have subfolder named (Admin) and i want to secure all pages under this folder and redirect any user to new login page. how can i do it?
View 7 RepliesI'm using paypal to make payments for an online digital download purchase. Once the payment is accepted the person is redirected to a page where they can download the product. I need to know how do I make a page that can only be accessed once via redirect.
View 1 RepliesI have a browser compatibilty problem with https? I have SSL installed and is in usage. Until today morning, my https part is working well. From then, Https is shown as https(with slashed in red color) saying the page has some insecure content. I have not changed any code and suddenly i see this problem in chrome. In IE 8, i see the same problem but on every page, it shows me a popup if i should allow to opne secure and non secure or just secure. Firefox has no issues . It shows correct https without any problem. I am fed up with it searching all over. Why is this happenening for me in Chrome and IE 8.
View 3 RepliesHow to make a secure login page using sql database by matching a user name and password and redirect them to differnt page as admin and user
View 2 RepliesI am developing a web application in which the clients wants to send a pdf copy of aa Authenticated Page to users and as well as to the administrator..
As I google about this problem but didnt find any solution.
Because in all cases I have to pass the url of the secure page to the function...and in runtime when function make a webrequest to the page it will always generate the PDFof the login page.
So is there any way to generate the PDF of a secure page in C# ASP.Net
How do you secure a WCF web service when you are using the traditional "connection string in the web.config"?
I have added a WCF service to an application which uses a JQuery post and returns JSON. The request happens on the client side. The purpose of this service is to return search information while the person is typing text into a textbox.
It works well, but there is a problem because the application will be used by a number of people and I am maintaining a role based security within the applications MS SQL database. The connection string to the database is in the web.config file.
In order to run the JQuery call to the web service the user must have at least read access directly to the database. I want to allow the application to control the access, but removing all security to the WCF service opens the application up for external access by unauthorized users.
I have written the above code and im getting an error as below-System.Net.Mail.SmtpException: The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication Required. Learn more at at
System.Net.Mail.MailCommand.CheckResponse(SmtpStatusCode statusCode, String response) at System.Net.Mail.MailCommand.Send(SmtpConnection conn, Byte[] command, MailAddress from, Boolean allowUnicode) at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, Boolean allowUnicode, SmtpFailedRecipientException& exception) at System.Net.Mail.SmtpClient.Send(MailMessage message) at smtptest._Default.btnSend_Click(Object sender, EventArgs e) in c:usersadministratordocumentsvisual studio 2010ProjectssmtptestsmtptestDefault.aspx.cs:line 71
Its working on local but when im hosting my application im getting above error
using (MailMessage mm = new MailMessage("myid@gmail.com","reciverid@yahoo.com"))
{
mm.Subject = "test";
mm.Body = "email testing";
mm.IsBodyHtml = false;
SmtpClient smtp = new SmtpClient();
[code]....
I'm working on a legacy web application - frames and a mixture of html, asp and aspx. The entire site is https. For some strange reason when I hit a specific page I get the magic message that says the Page contains both secure and nonsecure items. (IE obviously doesn't want to tell me what those resources are) I have checked the page that's being loaded and there are absolutely no http://... links - everything is relative links.
I have fired up fiddler and checked what's being requested - everything looks fine. I am completely at wit's end here. I have absolutely no idea why I'm getting this message, but it's completely screwing with the site.
IIS 6 installed on Vista (Virtual PC) not member of domain, Visual studio 2008 based website. Active Directory Membership configured in web.config.
Trust level set to Full. Using Login control to authenticate.
[Code]....
In IIS7 I don't find any possibility to keep a website from responding to it's IP address as soon there is SSL set up for this website. I did not add the IP address as hostname for this website and so would expect that the site does only respond to it's given hostname(s). Unfortunately the website won't work if requested via it's IP address, so I have to disable IP address as hostname somehow.
Another issue is that IIS 7 does not display the "secure connection obligatory" error page anymore if secure connection is mandatory for a website. Is there any way to get this error page being displayed, just like it was in IIS6 ?
I cannot get a successful connectiong to the active directory when logging onto a web form. Here is the code I have in the web.config:
<configuration>
<appSettings/>
<connectionStrings>
[code]...
I am created a from sending mails. I have tried ur code.. But I am getting under error.
The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication RequiredÂ
We're having an error similar to the one detailed here. We get the error noted above when trying to do AD authentication from our .net (3.5) mvc 2 app. This is our first .net mvc app ...
http://forums.asp.net/t/1161047.aspx
- We are re-using a forms auth library written for a .Net 2 app
- that library/app/config used a service account with min. privileges for binding to AD
- This error occurs in VS 2008, have not tried deploying the app to a server yet (a little early for that)
- like the other user at the previously referenced thread, I can get the 'unable to establish ...' error to go away and display the log on page by putting *MY* credentials in instead of the service account (but not successfully authenticate)
- moving the service account into the same AD OU as my account does not seem to change it ... only using my account credentials does.
- trust level is set to full
Is this some odd permissions trick that is new with .Net 3.5 (even though the ADmembershipProvider is still a 2.0 libary)? This should have nothing to do with MVC itself.
Config looks like this (very standard, like every one else's)
[Code]....
The line/portion highlighted in the debug/stacktrace is:
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
i'm trying to send email through gmail account
i get this error:
The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication Required. Learn more at
web config is like below:
[Code]....
and my code :
[Code]....
How to fix this error,
"The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication Required. Learn more at"
[URL].....
I want to send a email without using gmail domain but its giving error given below...
The SMTP server requires a secure connection or the client was not authenticated. The server response was: Relaying not allowed - sender domain not local
i am creating a web app for a small buisness enterprise in which i have added a node in my menu (stocks) accessible to limited users
every time a user try to access this node , it will ask for his/her credentials. iam using asp.net login control( in built ) for this . Also i used
<authentiaction mode='forms' />
<authorization>
<deny users='?'>
</authorization>
for these pagesin my web.config file now apart from that , how can i made it more secure using asp.net membership provider.
I'm creating a ASP.NET/SQL Server 2005 Express app which requires users to upload supporting attachment or documents in .docx and .pdf format. The web server is IIS 6/Win 2003. I'm trying to come up with a good way of securing these documents so anonynous users cannot see them and creating a separate Windows login for every user is not an option. SQL Server Express does not have blob data types. I'm storing each user's authentication information in the SQL database and not really using forms authentication.
View 1 RepliesI would like to send email securely to third party with attachments containing sensitive info. The website is configured with SSL. I'd like to know how to send email securely via asp.net app.
View 3 RepliesI've got IIS 6 with a self-signed certificate installed. This is now securing the whole site (all urs are HTTPS). How do I only apply HTTPS to logged in areas, leaving publicly viewable data with HTTP?
View 8 RepliesI'm auto-generating a form in my ASP.NET page. This is already tested and working. I want to know if:If there are any security problems with storing the database ID as part of my controls ID? I can see think of 2 issues: the id will be visible in page source (not really important in this case), and the possibility someone could change the name of the control somehow? This second possibility is more serious. Is this a potential problem and how to void it?If there would be a better preferred way to associate a unique data with any type of control? Is it possible to store a custom item in the viewstate for the control?
View 5 Replies