We have a commerce site we're attempting to get 3D Secure (Verified by VISA/Mastercard Securecode) set up with.
We are using DataCash as our payment provider.
We are seeing the following issue:
Some cards that are enrolled in these schemes are being successfully shown the 3D Secure pages, others are failing, and talking to the issuing banks hasn't helped as they are telling us they haven't seen the transaction.
We are getting messages from servers like "cap.securecode.com" stating:
Your authentication could not be completed because of a system error. If this happens consistently, please contact your CSR".
Or from "www.securesuite.co.uk":
You cannot access this page.
This may be due to one of two reasons:
The FI you are trying to access is deactivated The access to the FI is restricted for specific IP addresses, and your address is not one of them.
Has anyone else seen these errors returned from the verifying banks, and how can I resolve it?
I'm trying to get further details of any pattern to the successes and failures.
I am having the hardest time figuring this problem out. I have a Silverlight 4 application that loads audio and video files from URLs. The URLs are the same domain as the application is hosted on and it works great for video.The URLs are actually asp.net mvc controllers that are responsible for reading the file from a shared location on and the server and serving back a filestream. The URLs look something like this:http://localhost:31479/CourseMedia?path=omnisandbox1ILMSShare2Demo-Fire+BehaviormediaDisclaim.wma&encrypted=False&id=00000000-0000-0000-0000-000000000000
If I put the URL directly into the browser the file loads and plays in windows media player just fine, and if I use a separate test silverlight project to load the url it also works, but for the life of me I can not get it to work properly in my main project.This is the routine I use to actually do the source setting:
I tried installing the asp.net package on my PC today. I had just made a fresh install of Win 7 pro 64 bit, basically a disk wipe, re-install and all Windows updates.
If I remember correctly, there was a list of 21 products to install. When it got to 19 (Visual Web developer), it stayed there with no error message for a very long time until I got tired of it and cancelled using task manager (pressing Cancel yielded no results).I then tried re-starting the PC in Safe Mode w/networking. The WPI "knew" I had already installed the other products and suggested I install Web Developer and SQL Server. This time, I did get errors, but the error log basically said that the instal program returned "1601" (install failed),
I also tried installing Web Developer only, omitting SQL server. This didn't help. suggest a patch, or alternative way of completing this install?
What's the simplest and most effective way to selectively redirect HTTP requests to your ASP.NET page to its HTTPS equivalent? For example, if my page site URL is [URL], I want to redirect some (or all) page requests to [URL] What's the easiest way to do that?
My web application will be launched through existing thick client applications. When launched, an HTTP POST request will be generated including information like the userID and additional context information (basically stuff like the target user's name, birthday, etc.).
My plan for authentication is for there to be a look-up table in the database. If the username is already there, automatically login the user, but if there is no entry in the database, redirect the user to an initial login page which will be used to create that database entry.
My question is how to secure this against MITM and other security holes. How can the request generated through the thick client be on an SSL connection? Doesn't an SSL connection have to be authenticated with the username (and password) first? And if so, will the additional context information be publicly exposed until the user is logged in?
I have a browser compatibilty problem with https? I have SSL installed and is in usage. Until today morning, my https part is working well. From then, Https is shown as https(with slashed in red color) saying the page has some insecure content. I have not changed any code and suddenly i see this problem in chrome. In IE 8, i see the same problem but on every page, it shows me a popup if i should allow to opne secure and non secure or just secure. Firefox has no issues . It shows correct https without any problem. I am fed up with it searching all over. Why is this happenening for me in Chrome and IE 8.
I have a custom mini login user control that I have embedded in the top of my website which shows on every page. These pages are non-secure HTTP://. I would like to avoid having to redirect the user to a HTTPS page to perform the login but I definitely don't want to send login credentials to the server in plain text.
I am trying find a method to send the user's login credentials encrypted via https from a non-secure (http) page.
I tried to set the postbackurl for the login button to itself but in https, but the user's input is not retained and the buttonLogin_click is not fired when I set the button postbackurl property. My ASP.net web application is VB.Net framework 4.0
I am assuming this can be done because I see lots of websites where login fields are on available on every page and they are running http and I can believe they are not encrypting the login credentials.
I have a GUI when i log in i create a cookie and it encrypt it. I am usin SSL.
I check in the Login.aspx page if the cookie is secure, which it is. but then before going to the default page it goes to the Global.ascx page.
Here in the Application_AuthenticateRequest it gets the cookie and decrypts it for the default page..
Now i know that it is getting the same cookie as all the other attributes match the one that was created in the Login.aspx page excet that the secure value is "False".
this is the case for all other pages after default. the value of the cookie.secure is false.
why is this happening as i want all the pages to be secure by SSL.
After logging to the mvc site using a secure connection (https), calling actions using https connection show up with the user logged in but calling actions using http it bahaves as if user didn't log on. Since I need to use a virtual directory for https connections(and can't use that directory for http connection) Https links start with: [URL]
I'm working on a legacy web application - frames and a mixture of html, asp and aspx. The entire site is https. For some strange reason when I hit a specific page I get the magic message that says the Page contains both secure and nonsecure items. (IE obviously doesn't want to tell me what those resources are) I have checked the page that's being loaded and there are absolutely no http://... links - everything is relative links.
I have fired up fiddler and checked what's being requested - everything looks fine. I am completely at wit's end here. I have absolutely no idea why I'm getting this message, but it's completely screwing with the site.
my MVC2 delete and only my delete controller is refusing to return any class information. Its really similar to my edit function and the views are all auto-generated so I don't see the problem.
Function Delete(ByVal id As Integer) As ActionResult
I am developing a web application in which the clients wants to send a pdf copy of aa Authenticated Page to users and as well as to the administrator..
As I google about this problem but didnt find any solution.
Because in all cases I have to pass the url of the secure page to the function...and in runtime when function make a webrequest to the page it will always generate the PDFof the login page.
So is there any way to generate the PDF of a secure page in C# ASP.Net
I have experienced some troubles when using the IIS server at my workstation with Windows 7. This is a development machine and I don't need to use it as a production server or anything, but for some tests it's quite usefull to see what happens when a lot of requests comes concurrently (in this case even in the same session).
I have learned that with my edition of Windows 7, the limit of requests is 10, but I thought it only means the limit of requests that can be served at any point of time. What I am experiencing instead, is that after firing 10 requests one by one, if the first one didn't complete before the last one was fired, it never completes. The whole IIS is dead, no further requests are put in the worker process queue (there are already 10 requests there hanging so it kinda makes sense) and the only way to go on is to restart.
Is this a standard behavior that cannot be changed on Windows 7 and does firing 10 requests really have to kill IIS (or at least the current worker process) ? Is there some way to change the configuration to fix it (without compromising the setup by creating bunch of worker processes etc.) ?
Let's imaging there are 2 pages on the web site: quick and slow. Requests to slow page are executed for a 1 minute, request to quick 5 seconds.Whole my development career I thought that if 1st started request is slow: he will do a (synchronous) call to DB... wait answer... If during this time request to quick page will be done, this request will be processed while system is waiting for response from DB.[URL] One instance of the HttpApplication class is used to process many requests in its lifetime. However, it can process only one request at a time. Thus, member variables can be used to store per-request data.Does it mean that my original thoughts are wrong?Could you please clarify what they mean? I am pretty sure that thing are as I expect...
When I open my page in Chrome and use the Resource Tracker, at the bottom of the list of requests, there are two GET requests to the aspx file. They take about 2 seconds each. Each request also causes a warning:
Resource interpreted as image but transferred with MIME type text/html.
why a page may be requesting itself, and why it is trying to use it as an image?
we are using the WCF service and hosted using a console application, now we are using LoadRunner and hitting it concurrently
Where giving 50 hits at a time few requests (26) gets completed successfully and remaining gives error TCP error code 10061: No connection could be made because the target machine actively refused it.
I have developed some ASP.NET server controls which include their own javascript and css files. A lot of these controls use jQuery extensions which, as you know, often include their own css files.
I'm using Telerik's RadScript manager which combines the javascript like a boss. However, I'm using the AjaxToolkit's ClientCssResource attribute to include the css files in my server controls, and I have noticed that the CSS files are not getting combined at all. My pages have 10-15 WebResource.axd requests for css files for my server controls.
Everything I find only is about combining javascript, and nothing tells me how I can combine the CSS files. Does anyone know if there is a way to combine the CSS dynamically (I don't want to manually combine as each page might use a different subset of the server controls)?
i am planning to host my all images from another domain which is cookiless but i dont want to alter my all image locations can i do this without changing image locations ?
And immediately after you hit any other page that this session ID would be passed to, doesn't matter if it does anything, let's call it Test.aspx. The sequence for loading is like so.
I guess my question is how do I disable this feature. I understand it's useful to have so that session state can be more predictable, however in my case a long running reports page load is killing users' ability to multitask.
I am calling a web service in my aspx page. the web service (written in java) is acting as a middleware between my system and another system (Siebel) to which I send services and get response for these services. some requests are synchronous. Sometimes when invoking a method the response takes a long time to respond, so a time out exception is thrown.
The problem is that the web service is receiving the same request many times despite I am calling it only once.In my log file and database entries it is clear that the request is called only once. but in the middleware and Siebel side they are receving four or five requests for the same request sent by me.
Is this a bug in asp.net. is it possible that the server where my application is deployed is sending the request many times when not getting the response.Note: iam using Visual studion 2005. the application is deployed to windows server 2003.Iam not discussing the problem of time out. iam asking about the duplicate issue.
I am trying to create a 404 handling page but I am now stuck with the page only working for .aspx files, which isn't really what I need.I am running on IIS6.The site has a wildcard mapping,for extensionless URLs.All requests go through Application_BeginRequest in Global.asax but not all errors go through Application_Error.Is there a way where I can get the Application_Error to raise for non .aspx files?
why this no-secure message comes on my site's homepage in Internet Explorer Following is message:"The web page contains content that can not be delivered using secure HTTPS connection" message box comes with yes/no option.
