C# - Multi-Application Server Environment And Memcached Security?
Feb 24, 2010
We are looking to integrate Memcached into our infrastructure, but have a security concern before we do. We run several platforms including ASP.NET and ColdFusion and have many app developers working many little applications across the different platforms. The concern is this: App A places item "dog" into cache.
App B reads item "dog" (or worse: App B updates item "dog")
After this happens, App A either retrieves bad information, or has already had its information viewed, aka "stolen". What we would like to do is make it so that each app can only interact with its own sandbox, and may not interfere with or read other application's data.
View 3 Replies
Similar Messages:
Jan 27, 2011
I have to choose between Server.transfer and Response.redirect for an Intranet application for navigation. I have chosen Server.Transfer as of now because it avoid extra round trip to server and which will help when so many users will be accessing the application. (I believe this is the main difference between reponse.redirect and server.transfer). But the problem is now that URL won't change on Server.Transfer(I don't want to implement Http headerS, as I am afraid it will take time to implement that).on redirection, I want to do something like taking benefit of server.redirect(in avoiding server processing, which happens in response.redirect) and changing the URL(as it happens in reponse.redirect).Can anyone please suggest a quick solution to it or may be help me Telling How many users can reponse.redirect can support ?
View 11 Replies
Feb 1, 2011
I want to start using memcached in my ASP.NET application.
I think I need to set up a memcached server and then access it using a .NET specific client.
However I'm struggling to see how to set it up, where to find the exact downloads for .NET and so on
Is there a port of memcache to .Net? memcached - using with a C# asp.net application
View 1 Replies
Mar 5, 2010
I would like to add this feature to my web application, for the end users to chose the type of the authentication either (windows) or (Forms), and add it in the admin setting. This can be done by changing the authentication type programmatically in the code. how can I do this? Note: The user can use one type at time only.
View 1 Replies
Oct 25, 2010
I am developing a web application. This application is fully customised based on the user settings. Suppose, application hosted on [URL] and user can signup on the website and it will get the domain like [URL] and for user2 will be [URL] so and so forth. so in this case how would I maintain the session for each user? each user will be representing a single website along with public interface and admin pages.
what I am thinking is to store all the setting (for each user) in the database and then when ever server received request then get the user info from the URL (first time only and after get it from the session) and get user details but I am not very much satisfied with this approach.
View 5 Replies
Nov 22, 2010
I am working with asp.net 2.0 and sql server 2005. so trying to describe it below:
THE SITUATION
I have a few tables to hold data for billing information. The first table has each dedicated to each location, and a serial number that can be incremented. The concept is to update this data based on location, every time there is a new bill, so may be location A has serial 25 since it is doing well but location B has serial 5.
THE PROBLEM
SO based on this requirement I need to update a table to get the latest serial for a particular location and then use that serial for other tables which will be holding the billing details. The second part is as regular as it can be, but generating a new number, and getting this value is my problem. Since this will be multi user system, so I want some robust solution. I do not know whether I can use a identity field for this purpose or not.
View 1 Replies
May 7, 2010
Followed the code sample of Chapter 10 (Logging in) of the Book, Microsoft ASP.NET 2.0, I created an ASP.NET 3.5 website with Forms Authentication. The sample code used Website Administration Tool (WAT) to manage the users, roles, and authorization.When running in the ASP.NET Development server environment, I can first login, then click to open the links for each for the 3 roles.
However when running the sample code in the IIS server environment, I can login but can not open the links for the role subfolders.Clicking each link popped up an error message for opening a login.aspx from the specific subfolder. I don't have a Login.aspx file in each subfolder.The 3 role subfolders were configured as the virtual folders in the IIS Server. Why the sample code worked fine inASP.NET Development server environment, but got an error message from theIIS Server environment? Why an authenticated user can not open the subfolder homepage?
View 5 Replies
Jun 15, 2010
I have searched and could not find any article related to "How to implement Certificate Security in
production environment".
I could able to Create sample certificates for client and Server on my local machine and was able to authenticate my client app with the certificates . These certificates are test certificates.
How do I do this in Production. We have a domain certificate from GoDaddy which resides on the server. How do I create a Client Certificate off of that.
View 2 Replies
Jan 18, 2011
Our current application is working fine but when you try to misbehave like we found out that When login with same user in multiple tab with different organization(there is a organization dropdown in the master page which sets the cookie whenever it is changed.) in tab one it is org 1 and tab 2 it is org2 , cookie has the later org 2 in it but when we go back in tab1(which had org1) and save the record org 2 will be saved with the record So can some one share some sort of a checklist with us which address these types of problem.
View 3 Replies
Jul 28, 2010
I have asp.net application which in develop on the 32bit environment it works fine when deployed on the server.But the problem is when we are deploying the application on the 64bit environment it is giving two problem.1) Exception: System.InvalidOperationException: The 'MSDAORA.1' provider is not registered on the local machine."2) Exception: System.Exception: Cannot create ActiveX component.After doing some search people saying that recompiler your appliation as x86 to work on 64bit environment.How can i do that? when can I find the option for that in VS 2005.or
View 1 Replies
Aug 20, 2010
I have an application which works well on a single server. My customer now wants to move it to a load-balanced environment. Which things are likely to bite me when doing this?Currently I know ofSession state, andMachine key.Both of these are described here, for example, so I'm looking for things additional to this.These similar questions, but the first addresses load balancing in general, and I'm looking for a migration guide, and the second addresses a specific problem.
View 2 Replies
Apr 2, 2011
I need to create a Web Setup project for an MVC2 application I made at home, since I have VS 2010 there and I need to show people at the office, who have VS 2008 + sp1 + MVC2.
View 3 Replies
Jan 12, 2010
I am new to asp.net, I have been tasked to upgrade the physical architecture to load balancing environment to support the application. I done some reading the session state should be configure to Out-Process instead of In-Proc to support load balancing. Is there any other issues I need to take note for asp.net web application to run in the load balanced environment?
View 1 Replies
Aug 2, 2010
I have a bigger ASP.NET based webapplication, which is structured into subwebs (as described on [URL]How can I share user specific information (user credentials, other informations) between these subwebs? The point is that the subwebs have all their own virtual directories and therefore different sessions. Are there other possibilities besides cookies to have a shared (user/browser session based) memory?
View 1 Replies
Feb 22, 2010
We just moved our site (still in development) to a new hosting company, on a medium trust shared environment. We setup the databases, aspnet_users tables etc, but now our page that handles new people signing up doesn't work. It contains a simple standard <asp:CreateUserWizard> control. However, this page is not working since the move (the rest of our pages are working). We get this compiler error:
Request for ConfigurationPermission failed while attempting to access configuration section 'system.web/machineKey'. To allow all callers to access the data for this section, set section attribute 'requirePermission' equal 'false' in the configuration file where this section is declared.
Apparently the hosting company is using the default medium trust .NET settings. We have no idea how to get around this since we've always developed on full trust dedicated server environments. Is it simply a fact that the <asp:CreateUserWizard> control does not work in medium trust, or is there a way?
View 11 Replies
Jan 5, 2011
We have a web application that makes a call to a remotely hosted ASMX service that worked in Server 2003 under IIS6. We are now migrating it to a Server 2008/IIS 7 setup and it doesn't appear that the application makes the call to the remote web service anymore. We ran Wireshark and don't see any traffic to the service URL. It seems to throw a 404 error without trying to connect.
Is there some security policy or restriction in Server 2008 or IIS 7 we need to set to allow an ASP.NET application make a call to a remote web service? We are using Network Service as our application pool user, but also tried using Local System as a troubleshooting step. In addition, the same code works if run from a console application on the server instead of the web application.
Is there some setting under IIS7 or server 2008 that would be causing this?
View 3 Replies
Jan 8, 2010
i wrote all my code on my computer so i had a high trust level, after ftping my site and database to godaddy.com i realized they have a medium level trust enviroment.... i called the tech support and they said they were sorry but they couldnt change it for me... heres my code. any idea how to get it to work in medium level trust? I am trying to create a new directory where all of a users upload goes. The folder is created dynamically when the upload page loads.
string username = User.Identity.Name;
string UpPath;
UpPath = "~\Users\UserUploads\" + username + "\";
if (!Directory.Exists(UpPath))
{
Directory.CreateDirectory("~\Users\UserUploads\" + username + "\");
}
how to get this working in medium level security?
View 2 Replies
Jan 26, 2011
Running winXP and Visual Studio 2005. Using only the Development server at this stage:
Have added asp.net machine user in Windows for the directory in question
Have set up web config as
<identity
impersonate="true"/>
<authorization>
<allow
users="?"
/>
</authorization>
Problem: In test environment using VS development server, want to allow all users (will change to specific roles when implemented) to add and delete files from the directory App_Data. I can successfully upload files, but when I attempt to delete a file I get the error....
System.UnauthorizedAccessException: Access to the path 'C:Documents and Settings.......App_Data' is denied.
View 3 Replies
Feb 10, 2010
The website is on a shared hosting server with the trust levels set to medium.
I am sending an e-mail from the website (to confirm a booking) and need to attach a PDF doc (directions) with the mail.
The server is rejecting the mail because of the trust level.
My code line for the attachment is:
//mail.Attachments.Add(new System.Net.Mail.Attachment("c:/Domains/booking.proteafarm.co.za/images/DirectionsToProteaFarmMontagu.pdf"));
View 2 Replies
Mar 10, 2011
I'm using Visual Studio 2010 and working on an ASP.NET 4.0 web application. At the moment, a co-worker and I are tweaking CSS, which means constantly changing and saving CSS files and then refreshing the running page in a web browser.Every few saves, the application restarts, causing a considerable delay while we wait for the app to start up, log in again, and return to the page we were working on. In an IIS production environment a CSS file wouldn't go through the ASP.NET ISAPI, but apparently when running with VS2010 and the developent web server this doesn't matter... or something.
View 2 Replies
Feb 8, 2011
I've been asked to re-write an existing VS 2003 applicatoin in VS 2010. The application contains multiple sections that allows certains users the ability to edit based on security roles. Each user is able to view the sections. There is ton of code to enable/disable section permissions for each user. Is there a better option available in VS 2010? I'm not too familiar with MVC and not sure if it would work in this scenario - each section should be available when the users login.
View 9 Replies
Oct 10, 2010
I'm building a multi-tenant ASP .NET application. Given that each tenant can configure their application dynamically (which may involve dynamic custom assemblies being loaded into memory), I need a means of isolating each tenant.
I'd prefer not to create a new Web Application per tenant for maintenance reasons.
I've was considering using the AppDomainManager to create an AppDomain per application, but it seems this is not intended to be used for ASP .NET applications.
View 3 Replies
May 10, 2010
develope my application in multilingual, specially in ORIYA Language.
My objective is when I choose oriya option, all my input should be in oriya and data retrieve from table should display in gridview in ORIYA language.
View 10 Replies
Feb 8, 2010
I'm having a hell of a time trying to debug things. Basically I want to step through each line of code to see whats happening. But when I try to step to the next line of code, 9 times out of 10 it just finishes all execution instantly without letting me step.
For example if I set a breakpoint in the thread code, that breakpoint gets hit, and I might be able to step to the next line or 2 of code, but after that the next step just jumps to the end of everything as If I had pressed F5 (continue). I assume this is happening because the context gets switched from my current thread to the main thread (or some other thread), and Visual Studio gets confused and just finishes execution, ignoring my breakpoints.
I know about the Threads window, and I have tried many different combinations of freezing and flagging different threads, but nothing accomplishes what I want. I basically want to just keep hitting F10, and step through EVERY LINE OF CODE, regardless of what thread it's in. Im surprised this isnt the default behavior.
View 3 Replies
May 27, 2010
My problem is that I'm going to have a SQL Server database and website that accesses that database via a hosting provider, most likely GoDaddy.com, using ASP.Net. I need to make sure the connection string in the web.config file is as secure as possible, because the database will actually be storing trivia questions for a game I'm developing, and the clients will be accessing these questions, saving specific state related details, and other details, to the database, so every player that plays the game will have their details stored in this database. I need to ensure hacking is very difficult to accomplish.
From my research it appears as though the only viable solution for your web.config when you've got a hosting account with something like GoDaddy.com is to use SQL Server security to connect to your SQL Server database and place those details in the web.config file. Is this correct? It seems that this is the most likely scenario for most users, because we don't have access to our hosting providers IIS servers in order to use Windows authentication with SQL Server access and then use DPAPI encryption from there.
View 2 Replies
