News in the Category:
Total posts: 1322 | Sort by Views | Sort by Hits
15Seconds.com Features, May 25, 2006
Views: 4,790 | Hits 922
With the introduction of ASP.NET 2.0 and Visual Studio 2005, many of the security tasks required to connect an application's authentication and authorization mechanisms to Active Directory have been d...
ISerializable, June 20, 2006
Views: 6,835 | Hits 907
If you're into that kind of thing, Eli says there's a free book download about SharePoint 2007. Download the PDF directly from here.
"Future or current SharePoint develope...
Peter Brombergs UnBlog, April 3, 2007
Views: 5,816 | Hits 902
This came from one of my favorites in the C# newsgroup, Willy DeNoyette. I'll simply post the questions and answers directly, since there is no need to modify it except for some formatting and cleanup...
Keyvan Nayyeri, February 2, 2008
Views: 5,156 | Hits 866
A few days ago I wrote about a new feature in WCF 3.5 to detect client's IP address. The other new feature in .NET Framework 3.5 and Windows Communication Foundation 3.5 is the ability to write custom...
WebServices.Org Weblogs, February 25, 2006
Views: 1,511 | Hits 573
As we speed through the security industry?s gala ball?this week?s RSA Conference in San Jose?it?s clear that privacy and identity management are getting more attention than ever....
Julia Lerman Blog - Dont Be Iffy..., December 21, 2005
Views: 4,793 | Hits 557
In WSE2.0, the recommended way to do authorization, was to attach a principal with
role information to a SecurityToken in a custom UsernameToken manager (which you would
Federal Developer Weblog, August 2, 2006
Views: 4,116 | Hits 556
In Part 6 of the series, Ive added to the security choices by showing how to do Message-Level (aka., Encryption) between the Service and Client. Unlike Transport-Level Security (or SSL over HTTP) whic...
The Code Project Latest Articles, May 8, 2008
Views: 4,885 | Hits 556
Clear text query strings are a potential security threat for your web application. Thus, query strings should be always encrypted....
youve been HAACKED, September 21, 2007
Views: 1,504 | Hits 555
This is a quick follow-up to my last post. That seemed like such a common test situation I figured Id write a quick generic method for encapsulating those two tests. Ill start with usage. [Test]
Software/Technology Discussion, June 1, 2006
Views: 4,357 | Hits 551
This document is a systematic instruction sheet for creating and installing an ASP.NET 2.0 Membership Provider into SharePoint 2007 Beta 2 installation. This document assumes the reader is f...
youve been HAACKED, September 20, 2007
Views: 3,210 | Hits 503
A Subtext user reported a security vulnerability due to a flaw in our integration with the FCKEditor control which allows someone to upload files into the images directory without being authenticated....
youve been HAACKED, September 21, 2007
Views: 1,181 | Hits 465
In his book, Producing Open Source Software, Karl Fogel gives sage advice on running an open source project. The section on how to deal with a security vulnerability was particularly interesting to me...
Simple Talk, January 22, 2007
Views: 2,630 | Hits 438
Jesse Liberty demonstrates a role-based security architecture for Windows Forms applications that will allow you to restrict access to any given control, on any form, so that it is either invisible or...
Bryant Likess Blog, January 3, 2008
Views: 4,130 | Hits 425
One of the things I've been looking into in my free time is the Microsoft Sync Framework (MSF) (currently in CTP mode). The MSF is: [A] comprehensive synchronization platform enabling collaboration...
Julia Lerman Blog - Dont Be Iffy..., January 16, 2006
Views: 3,025 | Hits 422
I was pushing a new WSE 3.0 web service to a test web server. Whenever I tried to
authenticate I was getting "Security Token could not be retreived" from the server.
Microsoft Certified Professional Magazine Online | Todays Top Picks, July 6, 2009
Views: 1,293 | Hits 391
Microsoft last week described a problem with its Forefront enterprise security solution for SharePoint Server, cautioning that document data could get deleted as a result of the bug....
Method ~ of ~ failed, July 16, 2008
Views: 1,943 | Hits 386
After posting my sample implementation of accessing Amazon Simple Storage Solution (S3) via Silverlight, I reflected quickly and also chatted with some AWS engineers. Cross-domain Policy One thing t...
Rick Strahls WebLog, July 10, 2006
Views: 3,542 | Hits 379
I’ve been spending a bit of time testing my ASP.NET West Wind Web Store application in medium trust, and it’s been a hit or miss situation finding little things here and there that donR...
The Code Project Latest Articles, July 7, 2008
Views: 3,269 | Hits 353
This article is considered a proof of concept article (POC) to explain how Kerberos authentication can be implemented to authenticate requesters when they need to request a web service....
Scott Cates WebLog, October 3, 2007
Views: 1,148 | Hits 337
Last week I was in Boise, speaking to their .NET User Group, with INETA.org. The group leader, Cory Isakson, was talking about his PayPal Security Key. This is the key chain fob that has a tiny screen...
hongmeigs WebLog, September 13, 2007
Views: 4,851 | Hits 322
There are two options:
Pros: This is pretty straightforward and relatively hard to discover.
Cons: This is a thread local storage, and you are invoking a ...
Rick Strahls WebLog, December 14, 2007
Views: 2,119 | Hits 310
I've been racking my head over a 'generic' problem in relation to a WCF Web service client. I have an component that acts as a Web Service wrapper to proxy calls between a non-.NET client and a WCF We...
Steven Smith, September 4, 2009
Views: 2,051 | Hits 308
Earlier this week, after enduring yet another windows update, I came up with a feature request for Windows that would make me a much happier user. Weve all heard about requests for speeding up b...
Shaun Walker, September 29, 2006
Views: 4,223 | Hits 307
padding: 5px 10px 5px 10px;
ScottGus Blog, February 24, 2006
Views: 1,808 | Hits 303
I usually try and spend at least an hour or two each night hanging out on the ASP.NET Forums answering questions. The last week or so Ive been spending a lot of time in the Security Forum answer...
Jeffrey Palermo, June 6, 2009
Views: 1,900 | Hits 289
I tried to set up a website with Mosso, the Rackspace cloud. What was really interesting and much more compelling that Azure is that they claim they support .Net 3.5 SP1 and ASP.NET MVC as well ...
Software/Technology Discussion, June 28, 2007
Views: 2,895 | Hits 281
I've been racking my brain for the last couple of days trying to figure out how to add a list item to a WSS 3/MOSS 2007 list via the object model from an anonymous web service. At first I ran in...
Wenlong Dongs Blog, August 17, 2007
Views: 3,036 | Hits 272
When you are developing a WCF service with an HTTPS endpoint (i.e., you enabled Transport security), you would want to test it with a test certificate or a certificate which has some invalid data. The...
Pablo M. Cibraro (aka Cibrax), July 24, 2007
Views: 1,489 | Hits 271
The configSource attribute was firstly introduced in .NET framework 2.0 to support external configuration files.
This attribute can be added to any configuration section to specify a an...
Sahil Malik - blah.winsmarts.com, August 19, 2007
Views: 2,584 | Hits 267
This has to be one of the most common errors you will encounter when tying your WF's with Infopath Forms. So we all know that you can have instantiation/association/modifica...
ISerializable, February 16, 2006
Views: 1,105 | Hits 264
KeePass for the past month or so and I love it. FolderShare to automatically synchronize my passwords with all my machines. I only need to remember one unique password - the one to open KeePass. the r...
ISerializable, June 7, 2007
Views: 1,254 | Hits 260
Last night I finally Finished chapter five in my upcoming book about unit testing. Chapter five was all about Mock Object frameworks and was the longest and hardest to write so far. Some of the reason...
Scott Cates WebLog, April 13, 2007
Views: 1,126 | Hits 260
If you've ever seen my demo, you've noticed that I use and talk about Resharper a lot. I love it. It does so many things that enhance productivity, it's simply amazing. Here is my favorite feature of ...
Wenlong Dongs Blog, May 18, 2006
Views: 2,764 | Hits 252
In my blog entry ASP.NET Compatibility Mode, I showed how to do impersonation with ASP.NET approach. WCF provides more flexible operation-level impersonation. Here is a common question:
Rick Strahls WebLog, March 16, 2006
Views: 2,190 | Hits 252
I thought this was pretty funny:
Interesting when you dig through the site there's not a heck of a lot of information on how the thing works. All I see i...
Miguel de Icaza, March 8, 2006
Views: 1,470 | Hits 236
Joe posted an enthusiastic description of AppArmor: a Novell technology that uses the Linux security infrastructure to improve the security of your system. Novell originally acquired this proprietary...
ASP.NET Announcements, August 8, 2007
Views: 2,909 | Hits 236
Salmon Training has released our latest training pack: Going Live on Go Daddy (TM) with your ASP.Net 2.0 Membership Website.
Part I sets up the membership site on your PC. We leave you to have the fun...
Joe Brinkman, January 10, 2009
Views: 3,493 | Hits 233
Silverlight File Uploader is a DotNetNuke 4 & 5 module that is a "wrapper" around the Open Source project Silverlight File Upload. It adds upload security that the original project does not curren...
GotDotNet: New resources, November 10, 2006
Views: 1,096 | Hits 230
This article covers what the differences are between hashing, MAC and digital signatures. It presumes a certain level of knowledge about encryption methods especially the difference between symmetric ...
ASPAlliance.com - The #1 ASP.NET Community, June 16, 2006
Views: 1,083 | Hits 230
In the first part of this article, Brett provides ideas for improving the security of ASP and ASP.NET web applications....
Canadian Launch Tour 2005 - Launch Blog, October 20, 2005
Views: 3,147 | Hits 228
For those that want to learn more about the Security options for Authentication and Authorization with the ASP.NET 2.0 Provider Models then I recommend you visit my blog as I outline how to enable dif...
ScottGus Blog, June 20, 2006
Views: 2,379 | Hits 220
Scott Mitchell recently published part 5 of his nice series on using the new ASP.NET 2.0 Membership and Roles features. You can read the series here:
-- Part 1 - Learn about how the me...
kennyw.com, March 7, 2006
Views: 2,936 | Hits 217
On of the top benefits to using NetNamedPipeBinding is that we provide an on-box guarantee for your messages. The on-box guarantee is enforced by Denying the Network Security Identifier (SID: S-1-5-2)...
DevX: .NET Feed, August 21, 2007
Views: 3,116 | Hits 213
NET 2.0's System.Security namespace includes the SecureString class, which lets you create encrypted strings and delete them from memory when they're no longer needed....
Wallace B. McClure, November 24, 2005
Views: 1,072 | Hits 207
As I am working on our "AJAX with ASP.NET" book, I have had this one nagging question "Why can't I make a request against a web service on another server" I still don't have a specific answe...
Rick Strahls WebLog, March 6, 2007
Views: 2,240 | Hits 205
Ive been going over some final code tweaks to my West Wind Web Store for a new release and one thing Ive been fretting over is a couple of Trust issues related to Http permissions and Socket/SMTP per...
15Seconds.com Features, January 5, 2006
Views: 978 | Hits 201
Masking or anonymizing a Web server involves removing identifying details that intruders could use to detect your OS and Web server vendor and version. This information, while providing little or no u...
Keyvan Nayyeri, June 3, 2006
Views: 2,210 | Hits 200
This issue for us on ASPnix bit me to post this. Medium trust issue in ASP.NET 2.0 is one of most common issues for developers on most of shared hosting environments. Those of you who havent depl...
Brad Abrams, January 30, 2006
Views: 938 | Hits 199
Stefan Schackow a PM on my new team recently published at great book on the applications services offered by ASP.NET 2.0. While I have only worked with Stefan for a month now it is already obvio...