News in the Category:
Total posts: 1322 | Sort by Views | Sort by Hits
Brendan Kowitzs Web Log - Yes means I understand, however, it does not correspond to action., May 16, 2007
Views: 13,648 | Hits 119
If you are only ever running one ASP.NET application on a website this is not an issue. However, if you are running a site which may have an application at the root and other separate applications run...
Clarity Blogs: ASP.NET, May 30, 2006
Views: 10,655 | Hits 77
I am willing to bet that every developer has been warned about the
dangers of developing multi-threaded operations at some point in their
career. Let's face it, we have enough to worry about with app...
Jason N. Gaylords Blog, February 13, 2007
Views: 9,959 | Hits 44
I rebuilt one of my development machines recently and attempted to access a project that I had out on a network share. I continually received project messages about the project not being trusted. I re...
ISerializable, June 20, 2006
Views: 6,836 | Hits 907
If you're into that kind of thing, Eli says there's a free book download about SharePoint 2007. Download the PDF directly from here.
"Future or current SharePoint develope...
Scott on Writing, July 27, 2009
Views: 6,388 | Hits 40
Most Internet-facing websites that support user accounts allow visitors to register an account on their own. Take a site like Facebook, for example. A visitor who wishes to create a new account may do...
Peter Brombergs UnBlog, April 3, 2007
Views: 5,816 | Hits 902
This came from one of my favorites in the C# newsgroup, Willy DeNoyette. I'll simply post the questions and answers directly, since there is no need to modify it except for some formatting and cleanup...
the telerik blogs, October 13, 2009
Views: 5,278 | Hits 32
Keyvan Nayyeri, February 2, 2008
Views: 5,157 | Hits 866
A few days ago I wrote about a new feature in WCF 3.5 to detect client's IP address. The other new feature in .NET Framework 3.5 and Windows Communication Foundation 3.5 is the ability to write custom...
The Code Project Latest Articles, May 8, 2008
Views: 4,885 | Hits 556
Clear text query strings are a potential security threat for your web application. Thus, query strings should be always encrypted....
hongmeigs WebLog, September 13, 2007
Views: 4,851 | Hits 322
There are two options:
Pros: This is pretty straightforward and relatively hard to discover.
Cons: This is a thread local storage, and you are invoking a ...
Julia Lerman Blog - Dont Be Iffy..., December 21, 2005
Views: 4,795 | Hits 557
In WSE2.0, the recommended way to do authorization, was to attach a principal with
role information to a SecurityToken in a custom UsernameToken manager (which you would
15Seconds.com Features, May 25, 2006
Views: 4,790 | Hits 922
With the introduction of ASP.NET 2.0 and Visual Studio 2005, many of the security tasks required to connect an application's authentication and authorization mechanisms to Active Directory have been d...
Software/Technology Discussion, June 1, 2006
Views: 4,358 | Hits 551
This document is a systematic instruction sheet for creating and installing an ASP.NET 2.0 Membership Provider into SharePoint 2007 Beta 2 installation. This document assumes the reader is f...
Shaun Walker, September 29, 2006
Views: 4,225 | Hits 307
padding: 5px 10px 5px 10px;
-[ Danny Chen ]-, March 16, 2006
Views: 4,170 | Hits 118
I think that the #1 most confusing or misunderstood portion of Site Navigation is the securityTrimmingEnabled flag and the roles attribute on siteMapNodes. This post wil hopefuly clear up some o...
Bryant Likess Blog, January 3, 2008
Views: 4,130 | Hits 425
One of the things I've been looking into in my free time is the Microsoft Sync Framework (MSF) (currently in CTP mode). The MSF is: [A] comprehensive synchronization platform enabling collaboration...
Federal Developer Weblog, August 2, 2006
Views: 4,119 | Hits 556
In Part 6 of the series, Ive added to the security choices by showing how to do Message-Level (aka., Encryption) between the Service and Client. Unlike Transport-Level Security (or SSL over HTTP) whic...
Colt Kwongs Blog, August 3, 2007
Views: 3,980 | Hits 138
My colleague created a WMware Windows base image and I asked him to send a new copy to me because I need an environment of 2 separate (virtual) machines for AppServer (machineA) and DbServer (machineB...
A DotNetNuke blog for tutorials, tips & tricks, October 19, 2005
Views: 3,980 | Hits 68
One of the most complex and important elements you need to understand when working with DotNetNuke is setting up the Security Roles.This tutorial covers: * An explanation of Security Roles * An analys...
Clarity Blogs: ASP.NET, May 28, 2008
Views: 3,834 | Hits 11
I ran into an interesting 'gotcha' when working with an SSRS site that has a custom security extension implemented (instead of using the built in Windows authentication model, see the MSDN sec...
Steven Smith, November 5, 2007
Views: 3,626 | Hits 9
Saw this error today working with the SiteMapDataSource in ASP.NET 3.5/VS2008. Apparently this is a bug that has been around for a while, and is discussed here and logged in Connect here. The is...
Rick Strahls WebLog, July 10, 2006
Views: 3,543 | Hits 379
I’ve been spending a bit of time testing my ASP.NET West Wind Web Store application in medium trust, and it’s been a hit or miss situation finding little things here and there that donR...
Joe Brinkman, January 10, 2009
Views: 3,493 | Hits 233
Silverlight File Uploader is a DotNetNuke 4 & 5 module that is a "wrapper" around the Open Source project Silverlight File Upload. It adds upload security that the original project does not curren...
Rick Strahls WebLog, May 20, 2006
Views: 3,317 | Hits 131
I ran into a bit of a revelation today when I got a message from a customer who had been running our West Wind Web Store in development and ran into a number of issues when deployed on the server. As ...
Software/Technology Discussion, June 14, 2007
Views: 3,294 | Hits 147
Since the beginnings of ASP.NET 1.1, Microsoft disabled HTTP GET and POST actions on .NET Framework based web services (for security reasons). If you want to enable these protocols, add the foll...
The Code Project Latest Articles, July 7, 2008
Views: 3,271 | Hits 353
This article is considered a proof of concept article (POC) to explain how Kerberos authentication can be implemented to authenticate requesters when they need to request a web service....
youve been HAACKED, September 20, 2007
Views: 3,211 | Hits 503
A Subtext user reported a security vulnerability due to a flaw in our integration with the FCKEditor control which allows someone to upload files into the images directory without being authenticated....
Canadian Launch Tour 2005 - Launch Blog, October 20, 2005
Views: 3,147 | Hits 228
For those that want to learn more about the Security options for Authentication and Authorization with the ASP.NET 2.0 Provider Models then I recommend you visit my blog as I outline how to enable dif...
JonGalloway.ToString(), October 15, 2009
Views: 3,147 | Hits 43
Visual Studio Team System was obviously designed for user groups who are all members of a Windows Active Directory domain, all working in the same local network. Im able to work remotely (without VPN,...
kbAlertz.com :: Visual Studio 2005, March 2, 2006
Views: 3,122 | Hits 40
913451 ... BUG: Error message when you enable the Debug in Zone feature for projects in a solution and then you debug the solution in Visual Studio 2005: "The security debugging option is set but it ...
DevX: .NET Feed, August 21, 2007
Views: 3,118 | Hits 213
NET 2.0's System.Security namespace includes the SecureString class, which lets you create encrypted strings and delete them from memory when they're no longer needed....
Wenlong Dongs Blog, August 17, 2007
Views: 3,036 | Hits 272
When you are developing a WCF service with an HTTPS endpoint (i.e., you enabled Transport security), you would want to test it with a test certificate or a certificate which has some invalid data. The...
Julia Lerman Blog - Dont Be Iffy..., January 16, 2006
Views: 3,025 | Hits 422
I was pushing a new WSE 3.0 web service to a test web server. Whenever I tried to
authenticate I was getting "Security Token could not be retreived" from the server.
Radical Development, August 24, 2007
Views: 3,008 | Hits 140
If you need to view or even modify your connection string at runtime then give OracleConnectionStringBuilder a look. For example, the following method will pull the connection properties and display t...
hongmeigs WebLog, July 30, 2007
Views: 3,001 | Hits 57
One possibility is that your binding does not contains required claim types. In your client binding, make sure you have at least one required claims:
WSFederationHttpBinding binding = new WSFederation...
kennyw.com, March 7, 2006
Views: 2,937 | Hits 217
On of the top benefits to using NetNamedPipeBinding is that we provide an on-box guarantee for your messages. The on-box guarantee is enforced by Denying the Network Security Identifier (SID: S-1-5-2)...
Jason N. Gaylords Blog, February 21, 2007
Views: 2,936 | Hits 112
If you use the built-in authentication in ASP.NET, its a good idea to use Hashed or Encrypted passwords. The issue with using Hashed passwords is that you cannot use the built-in password retrieval me...
Ajax.NET Professional, May 12, 2006
Views: 2,926 | Hits 85
I have written a short example about how to use web forms security with Ajax.NET Professional. The example (C# and VB.NET) is included in the latest version available at http://www.ajaxpro.info/. Disc...
ASP.NET Announcements, August 8, 2007
Views: 2,910 | Hits 236
Salmon Training has released our latest training pack: Going Live on Go Daddy (TM) with your ASP.Net 2.0 Membership Website.
Part I sets up the membership site on your PC. We leave you to have the fun...
Software/Technology Discussion, June 28, 2007
Views: 2,895 | Hits 281
I've been racking my brain for the last couple of days trying to figure out how to add a list item to a WSS 3/MOSS 2007 list via the object model from an anonymous web service. At first I ran in...
Pablo M. Cibraro (aka Cibrax), April 8, 2009
Views: 2,819 | Hits 117
It is very common for WCF services that work as Ajax callbacks and ASP.NET pages that live in the same web application to share a common security context for the authenticated user. However, in order ...
Colt Kwongs Blog, June 9, 2008
Views: 2,799 | Hits 81
I just try SmartPart and enable AJAX functionality in SharePoint tonight, here are few notes:1. Download and install SmartPart (make sure SmartPart is deployed and affect all WSS sites as shown in the...
hongmeigs WebLog, August 25, 2004
Views: 2,785 | Hits 184
The idea of SecurityTokenManager is very powerful. It provides one single place to extend the WSE built-in token infrastructure. You can only have one t...
Wenlong Dongs Blog, May 18, 2006
Views: 2,764 | Hits 252
In my blog entry ASP.NET Compatibility Mode, I showed how to do impersonation with ASP.NET approach. WCF provides more flexible operation-level impersonation. Here is a common question:
Thom Robbins .NET Weblog, April 14, 2007
Views: 2,650 | Hits 21
Christian has a great new demo video using Windows CardSpace to provide a secure way to authenticate and register your users for your ASP.NET Web Application. This is based on his Visual Studio 2005 T...
Simple Talk, January 22, 2007
Views: 2,633 | Hits 438
Jesse Liberty demonstrates a role-based security architecture for Windows Forms applications that will allow you to restrict access to any given control, on any form, so that it is either invisible or...
Sahil Malik - blah.winsmarts.com, August 19, 2007
Views: 2,584 | Hits 267
This has to be one of the most common errors you will encounter when tying your WF's with Infopath Forms. So we all know that you can have instantiation/association/modifica...
Colt Kwongs Blog, August 17, 2009
Views: 2,560 | Hits 65
I prepared a SharePoint Report Center portal by using SharePoint 2007 recently, but I was unable to refresh the Excel workbook on my portal and got an error message:
Unable to retrieve external data ...
Joe Brinkman, August 15, 2006
Views: 2,520 | Hits 173
During the DotNetNuke Review process, one item that we look for is whether a module can be completely uninstalled using either automated or manual procedures (assuming the manual steps are documented)...