I am currently working on an ASP.NET 3.5 and C# web application which deals with users private information like SSN numbers. What are some of the security measures which I need to take from an application development stand point to feel safe?
View 4 Replies
I had three web applications and each one has its own login page , now i want to build web portal which allow members to login and choose one of these applications to redirect to it .
Is there any way to passing user information across secure connection??
I allow user to select metric or standard scale (KM/Miles) when setting up a profile. They can lookat a list of all users entries, which should be displayed as Std or Metric based on their selection.
View 4 RepliesI am using ASP.NET Membership with the default provider. I have a project where there are 3 different applications(seperated by the applicationName). Now I need every user to be able to log in to all the applications, but have a seperate role in each.Is this possible(I dont want to duplicate user details or logins for the same person)?
View 4 Repliesi am managing three applications .. i hve separate pages in each of these applications for creating users and roles..
can i create a single page where in i can choose for which applications i want to create users..
i am storing the users of each of thse 3 applications in a same database and i hve separate application name for each application in membership provider
I am useing asp.net membership to store my users and under each users profile there is a field for their supervisor. I would like to get a list of all the users with the supervisor "Jon Doe". Is there an easy way to do this or would I just have to loop through each user and see if there supervisor = "Jon Doe" then if it is store there username in a list?
View 1 RepliesI am developing a website in asp.net and i want to know that what all security measures are we suppose to take when it comes to develop a website
View 3 RepliesI have been searching all over for this and trying many different things but so far have had no luck. I need to display the profile information for [all] users in the system within a GridView. For instance, I want to show their Username, First Name, Last Name,Email, etc.I've tried the Profilemanager.GetAllProfiles() method but t doesn't seem to have the fields in it.
View 2 RepliesIm very new to ASP.net and have no experience with it at all.Im currently developing a website,and am confused about creating users.Im using the create user wizard,everything is working fine.However,I am worried about the security of user information.I believe the user information is stored in the APP_Data folder, am I right in believing that this folder is secure?
Exactly how is the user information stored when using the create a user wizard?In a database in the APP_Data folder?Is it encrypted automatically when a user signs up?
I have a profile page where a user can edit their name, city, image, etc.
How can I display the profile database as a list of users, their information, and their image?
As you know, the profile database is not the same as a custom database. The strings are bunched together.
I use membership use to log in users.How to integrate a solution that I can send a private message to a registered users?
View 3 RepliesI want to create a system you may have seen on many forum sites where user can send private messages to other users
View 6 RepliesI have a web site and i want any online users chat with any other user in private mode. it is like facebook chat. is there any free third-party component to use in asp.net web site.
View 1 RepliesI have a solution with more than one ASP.NET web-application. Every application has its own virtual directory on the same IIS. One application is calling aspx pages in the other applications. How can I share some information (e.g. user/password) between these applications. Is the only way using querystrings (in this case, I must encrypt the information).
View 2 RepliesI would like to make the build information for the running web application but I dont know where I set or configure this nor do I know how to retrieve this information.
In a project you may set the build information in the file AssemblyInfo.cs under the projects Properties folder. Here is a snippet of the AssemblyInfo.cs file:
[Code]....
But there is no such file for an web application project, so I have to get this information from one of the compiled DLLs that is in the same assembly as my web application then? Or how is this done?
The reason I want this information is because my customer would like to have a webpage within the web application where he could see the current version. This is also nice to have when testing and debugging etc.
I begin with MVC and this technology is very efficient !
I would like to create several applications mapped with a common applicaton Users Accounts. The aim is to isolate logical parts. The problem is always the same : how to communicate easily between users db and appli db ? Do I continue to use my poor View mechanism from SQL Server (db1.Users.UserId inner join db2.Users.UserId) or is it a better way with super MVC?
I have an web application that encrypts data using a public and sent it to another web application. Which will then decrypt the data using a the user private key. My question is, since but the Private and Public key are generated in the first application. how does the other application get the private?
View 2 RepliesMy site is 100% private (only public facing page is login) I've had the need to open up a page to anon via the <location> node in the web config...and that all seems to work However the issue now appears to be that dynamic resources such as the Telerik.Web.UI.WebResource.axd and imagesjavascript changed via handlers dont load. A firebug of the situation shows that for those dynamic elements, it's trying to re-direct to login to get them Is there anyway around this?
View 3 RepliesNeed to develop a Web application that will be used to authenticate and authorize internal and external users to log and then re-route to web applications for the organization. The login application should be able to provider smooth integration with any future applications that needs a secured authentication. Should I be using WIF - Claims based Identity/ADFS or asp.net Role membership provider to develop this app.?
View 1 RepliesI am working with RSA Algorithm recently.
I want to use RSACryptoProvider for this purpose.
But i want to use my custom Key instead of default key
for example my public Key =(187, 7)
and my private key=(187,23)
how can i pass my public and private key at RSACryptoProvider
I am new to MVC. I am trying to write a simple web app - for learning purposes only, that allows multiple users to log in and enter their top 10 favorite movies. Each user can only see and edit their own list. The can have no knowledge of the other users or their lists.In regular ASP.Net I would do somthing like a session variable to store the user id so I could use it to test against the database and return that users information. I as I understand it that is not the way things are done in MVC. My question is how would I do this in MVC?
View 2 RepliesAllow Admin Users to Access Basic Users Accounts?
View 4 Replies[Code]....
after successful creation of 3 users on my web site now cannot create users
I'm developing an application using ASP.Net.
For first the idea: "My WebApp needs an chronometerto be shared by users and all users will se the same value in cronometer. When a user clicks on a button, the cronometer needs to be restarted and all users will need to see that!"
All right, now I'd like to know what's the best choose to improve more performace an make sure that all users will see the same value in chronometer?
Need I use JSon (with jquery in client side), Timer with UpdatePanel of Ajax Extensions, pure Ajax (with JQuery) how to shared a cronometer for all users in C# (put information in Cache or database) ?
I've a code to persist information in cookies about users like UserName and password.
Question is:
Its not secure to store information like that plain text in cookies.My DB store hashed passwords,so i could save those hashs in cookies and retrieve them later,but if i do that i wouldnt be able to fill password's textbox cause the hash string would be too long for it.
