Security :: How To Increase Secuity On ERP And CMS Applications Developed In DOT NET

Jun 15, 2010

i have a client who wants to increase security on ERP and CMS application developed in DOT NET

We can do some testing and optimize the code. However what else can be done for more security ?

View 1 Replies


Similar Messages:

Web Forms :: Menu Image Length Increase On Website Increase?

Jul 27, 2010

i am working on my master site, and i want to add an image that increases its lenght as the website's length increases...

but im not sure how to do that, i know it's possible because i've seen it done on banners, but im not completely sure how to do it.

View 3 Replies

Security :: Share Membership Between 2 Web Applications?

Jan 9, 2010

Is there a way that I can share membership (login, etc.) between two different web applications? I would like to create a smaller debug application to test some stuff in my database.

View 2 Replies

Security :: How To Share Membership For Different Applications

Feb 11, 2011

I recall some way to use a single instance of the the asp.net membership for multiple applications. For example...if I have a main single sign on portal, perhaps I'd like them to have access to Application A, B and F, but not C, D & E. Instead of maintaining different security for each application, can we have a single membership table maintaining all of the enterprise applications? So user 'John Doe' would have a single membership record, but have access to different applications.

View 3 Replies

Security :: How To Share Membership Between Applications

Jan 27, 2011

I'm looking into building a web application platform which users will log into and be able to access other applications based on permissions. I've set up the membership provider and it is being shared between apps. Here is my problem: If I log into application A, and click on a link that takes me to application B, I have to log in again. Is there any way to share that session between applications so the user can log in once, and not have to do it every time they access a different application?

View 6 Replies

Security :: One Login Page For All Applications?

Apr 26, 2010

we have about 4 web applications in our company with seprated login pages, is it available to have a unique login page and after login let user choose what application he/she needs ?

View 4 Replies

Security :: Single Point Of Entry For 2 Web Applications?

Oct 29, 2010

I already have 2 web applications running. both of them are using membership and accessing the same database but their application names are different. so basically in my aspnet_Users table, i have users with different applicationIDs and in my aspnet_Applications table I have 2 records in there. so i have 2 separate login locations

..app1login.aspx
..app2login.aspx

What my the business wants is to only have a single point of entry. so they want something like this

..applogin.aspx

and by verifying the username and password pair, my code should be able to route to the appropriate app and bypass its login form. (don't be concerned about the duplicate username between applications, it's been taken cared of)

so I'd like to solicit suggestions from you how should I implement this without modifying my existing setup? and where should I place this login web form in my website? this is the current site structure:

www.site.com/app1
www.site.com/app2

View 6 Replies

Security :: Share Authentication Cookie Between V3.5 And V4.0 Applications

Nov 6, 2010

I have a bunch of applications that currently share the authentication cookie in v3.5.

We're in the process of upgrading to 4.0 and also upgrading the applications as a whole. I have 1 done, and would love to deploy it. However, as soon as I do, I lose my sharing of authentication cookie in that application.

In each web.config, my machine key is declared. I removed the actual keys to protect the innocent. :)

<machineKey validationKey="..." decryptionKey="..." validation="SHA1"/>
<authentication mode="Forms">
<!-- DEV Server -->
<forms enableCrossAppRedirects="true" loginUrl="Logon.aspx" name=".COOKIENAMEHERE" protection="All" path="/" slidingExpiration="true" timeout="1440"/>
</authentication>

View 1 Replies

Security :: Two Applications Using Same Domain / Common Authentication Possible

Feb 19, 2010

I have a case where i have two asp.net applications, one is hosted on example.com/App1 and the other on /App2.

both applications are password protected using Windows authentication.

App1/default.aspx has a <img src="/App2/somefile.aspx">

Now what happens when i open App1 is that i get the credentials prompt, but because App2 is also protected, the HTTP GET for the img requires me to authenticate, in other words i get two prompts.

Is it possible to do something so that the authentication is for example.com so that both App1 and App2 consider the user authenticated?

View 4 Replies

Security :: Single Authentication For Multiple Applications?

Nov 10, 2010

I have three asp.net web applications

,Second and Third applications are accessed throught the first,So Authentication (form authentication) is happening from the first application only , all are deployed on same IIS with seperate virtual directory

Like

1.Localhost/EmpMananger

1. Localhost/Hr

2.Localhost/Payroll

, I used the same Entires in both <machineKey> and
<forms> Elements in webconfig file of all applications,

Applications are working fine and Page.User.Identity are available in all applications but once loginUrl and defaultUrl entry is changed to actual name other than localhost

Eg: localhost/EmpManager/default.aspx To myserver/EmpManger/default.aspx

the authentication ticket is not available in second and third applicaiton

View 4 Replies

Security :: Passing Login Information Between Applications?

Aug 2, 2010

I had three web applications and each one has its own login page , now i want to build web portal which allow members to login and choose one of these applications to redirect to it .

Is there any way to passing user information across secure connection??

View 2 Replies

Security :: Using The SQL Table Profile Provider In C# 4 Web Applications?

Sep 6, 2010

Just an FYI for those trying to use the SqlTableProfileProvider in a Web application project. Here's my article:

Using the SQL Table Profile Provider in ASP.NET 4 Web Applications (C# & VB)

[URL]

The complete projects are here:

[URL]

View 2 Replies

Security :: Token Login Don't Keep Session With Two Applications?

Jun 15, 2010

I've two application ASP.NET (once is Mojo Portal). I can navigate from one to other using an URL token id.

To this way, by token, I create a new session and save the relative auth cookie.

But, sometimes, the asp web application don't keep the session and put me down. When this happen I can't login until the session cookies is not deleted.

Both the two application are behind an reverse proxy.

View 3 Replies

Security :: Authorization Setting For Combined Applications?

Sep 22, 2010

I am working on a scenario where I need to combine three applications into one (Project Requirement). I link the three applications on a web page and which ever link is clicked, I redirect it to that page.

My application sturcture looks as below

MainPage

- Folder1 with App1 (uses Active Directory group for authentication)

- SubPages

- Folder2 with App2 (Uses Membership roles and users)

- SubPages

- Folder3 with App3 (Uses Other logins for oracle database)

- SubPages

Is it possible to provide authorization only for my App2 based on the role created in membership.

For eg: There is user1 with role1 and user2 with role2 but i need to allow only user1 with role1.

When I was checking this scenario in the ASP.NET configuration settings to modify, it has the allow all permisions which is disabled to modify and it is given that Rules that appear dimmed are inherited from the parent and cannot be changed at this level.

View 1 Replies

Security :: Multiple Applications Use Same Users & Roles?

Jan 10, 2011

I am using ASP.NET Membership with the default provider. I have a project where there are 3 different applications(seperated by the applicationName). Now I need every user to be able to log in to all the applications, but have a seperate role in each.Is this possible(I dont want to duplicate user details or logins for the same person)?

View 4 Replies

Security :: Creating Users For Multiple Applications?

Jan 27, 2011

i am managing three applications .. i hve separate pages in each of these applications for creating users and roles..

can i create a single page where in i can choose for which applications i want to create users..

i am storing the users of each of thse 3 applications in a same database and i hve separate application name for each application in membership provider

View 1 Replies

Security :: Create Session On Login And Redirect From Other Applications

Sep 29, 2010

I have created custom a MembershipProvider, SessionIDManager, and SessionStateStore since I need to use custom legacy sessions and logins.. When the Application is ran, it runs the GetSessionID in the SessionIDManager(which is correct) The problem then is if there is no session meaning the GetSessionID method returns null, it tries to create a new session using CreateSessionID.. I want it to redirect to the login application(another application). We only create and store session information for logged in users and the "session id numbers" come from a file that is pre-populated with "session id numbers"(I didnt design this and its out of my control).. So its not feasable to give everyone who visits the site one of the "session id" numbers. I also need for users with an "invalid" session(when checked through Validate()) to be redirected to the login page.

View 4 Replies

Security :: How To Authenticate Multiple Applications Within 1 Aspnetdb Database

Feb 9, 2010

I currently have a website up and running and working correctly with godaddy.com using the out-of-the box authentication with an aspnetdb sqlserver database. I have users on this site and am very hesitant to change anything with this database or the web.config file from the working site for fear of wrecking it

So, my challenge is that I need to authenticate a separate application using the same aspnetdb.mdf file without any crossover to my 1st application. I've noticed that the ApplicationName that is currently in my aspnetdb database for the working application is just "/". I know that I'll need to have 2 separate entries in the aspnet_Applications table to define these two applications and then somehow register those names within their respective web.config files - but wanted to have step by step instructions on how to this so as to not "break" the 1st working application that is already live.

Can anyone point me to a document on what changes I will need to make?

Also, with the default create user wizards I'm using, how will it know to create the new user information with the correct application ID so that the user information from one application is not visible to managers of the second application and vice/versa?

View 7 Replies

Security :: Forms Authentication Across Applications Stopped Working?

Jan 12, 2011

I have a .net 1.1 ASP application (domain.com) which has a .net 2 virtual directory (domain.com/v2) beneath it, both applications run within their own app pool on the same Windows Server 2003 machine running IIS 6. The web.config files for both apps are setup for Forms Authentication as described here - [URL]

Users would be directed to the domain.com/v2/login.aspx page which would authenticate for both applications, this configuration has been working fine for the last few years until installing one of the recent Windows 2003 security updates today. Now after authenticating under /v2 users keep getting redirected back to domain.com/v2/Login.aspx as domain.com doesnt see them as authenticated anymore.

which security update would have caused this and if its possible to fix or rollback?

View 4 Replies

Security :: How To Create Multiple Applications With The Same Database With One Membership

Mar 23, 2011

I have more of the same applications.All tables are identical.Each application has a new user.These different applications are located in different domains such as.: domena1.com, domena2.com, domena3.com.Each domain has different users.

For each domain in the web.config change the "ApplicationName", eg.:
ApplicationName = domain1, ApplicationName = DOMAIN2, ApplicationName = domain3 ...

View 2 Replies

C# - Security Measures For Applications Which Deal With Users Private Information?

May 20, 2010

I am currently working on an ASP.NET 3.5 and C# web application which deals with users private information like SSN numbers. What are some of the security measures which I need to take from an application development stand point to feel safe?

View 4 Replies

Security :: Partitioning The User Store Into Applications And Utilizing That In One WebApplication?

Apr 15, 2010

I have a design issue with a new project, the web application I'm developing is suppose to serve three different segments of business, each segment has a sligthly different requirement, but in all they share most of the same business needs, so I'm creating only one web application.

I've created three "Application" in the asp.net web administration tool.

I want to be able to create users related in each segment with their associated "Application" in membership store.

and when a users login(there is only one login pag) to the application to be redirected to his specified application.

The thing is the web.config configuration alows you to define one "Application" name, and hence the membership APIs pick up only that application.

View 4 Replies

Security :: Didn't Run All Three Applications In Same Times And Also Form Authentication Crossed?

Jul 10, 2010

We are upgrading the asp.net 2.0 web application to asp.net 4.0.

The application contain three main modules (sub application) like End User, Franchise and Admin with separate web.config, asp.net form Authentication, login page and running with single domain.

the URL like,

mydomain.com/login.aspx
mydomain.com/franchise/login.aspx
mydomain.com/admin/login.aspx

In asp.net 2.0, working fine with 3 sub applications with separate form authentication under a single domain name and also we can working with all threes in same time.

After the up gradation process (ASP.NET 2.0 to 4.0),

We didn't run all three applications in same times and also form authentication crossed.

View 7 Replies

Page Level Security And Control Level Security In MVC Applications

Mar 9, 2010

how to implement page level and control level security in MVC applications. Also I would like to know the definition for Page Level and Control Level Security in MVC. Please refer me if any third party tools avilable to implement security in MVC.

View 1 Replies

WCF / ASMX :: Building Services To Work With Web Applications And Console Applications?

Jun 7, 2010

I've been worked with web services so far, and I'm interested in expanding my services to console applications as well so I started digging up with WCF but I'm conserned that I won't be able to use the HttpContext collection that I've been used to do with web services one important thing which is to generate a random value from HttpContext.Current.Request.ServerVariables["ALL_HTTP"] that I need to reckon if it's the same or at least near what machine that is calling my service. How can I overcome this problem?

I need to know what machine is calling to count the number of attempts to login into my system for example. So must do it inside of the svc code otherwise if I let the client inform what ip address or what computer he is using, anyone could forge this argument and surpass by another machine. May be I'm approaching this matter wrongly. And I should count the number of attempts per state session, but how is it done?

View 1 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved