|
|
|
|
|
| | Total Hits: 47 | Today: 0 | Author: M.M.Al-Farooque Shubho | Rating:  |
| | 
Sad, but true, “Forms authentication in ASP.NET does not directly support role based authorization”. If you have ended up implementing Forms authentication along with configuring authorization rules for “users” and “roles” in the web.config, you are going to see the access rules working fine for “users”, but, not working at all for “roles”. You might have thought, there must be some way to specify user roles in the famous FormsAuthentication.RedirectFromLoginPage(), or, any other method. But, th... |
| | Total Hits: 349 | Today: 0 | Author: codeproject | Rating:  |
| |
This is a simple mechanism to authenticate users to a Web Service, using a Time Token and MD5 Hashing to encrypt password.... |
| | Total Hits: 33 | Today: 0 | Author: Pero Matic | Rating:  |
| |
When we as developers encounter the same coding scenario time and time again, we naturally tend to encapsulate that coding logic and reuse it in an effort to save time and minimize maintenance.... |
| | Total Hits: 91 | Today: 0 | Author: Valentin Billotte | Rating: |
| |
First of all, please accept my apologies for my poor English. This article talks about creating entities proxy classes for your own need. The proxy class generated from a ADO.NET Data Service is simple and only helps for standard CRUD scenarios. But as soon as you want to make something complex or special, you will find some restrictions.... |
| | Total Hits: 3 | Today: 0 | Author: Mike Gold | Rating:  |
| |
One of the big challenges I had to overcome this week was how to launch an application with arguements from a hyperlink in the WebBrowser Control. You would think this would be fairly easy, but underneath the workings of the WebBrowser Control is security-heavy Internet Explorer. I guess one of Microsoft's ongoing challenges is to balance the amount of security IE needs against viruses and wormbots and to make the control useable for developers. It seems to me, when it comes to automating IE,... |
| | Total Hits: 81 | Today: 0 | Author: Hugo Hallman | Rating:  |
| |
This is a method (no complete implementation) to offload the database server hosting protected objects delivered through ASP.NET (Web services will work too) by simply signing a URL to the page actually delivering the material. Example: A web site where the access checks are very complicated. When browsing, the members only see objects that they have access to, therefore we know when making img-HREFs that the member actually have access, which is why we may sign the HREF so we don't need to chec... |
| | Total Hits: 87 | Today: 0 | Author: Prakash Kalakoti | Rating: |
| |
There are many ways of attacking a website like SQL injection, by injecting script, Session hacking etc. And you'll get lot of articles at CodeProject about this. In this article, I am trying to explain the use of CAPTCHA (I am not going to explain what CAPTCHA is ... search it on CodeProject or Google if you have not implemented it.) to avoid registration of dummy users to your database by a computer program. Using a simple example, I'll explain how any program can register thousands of dummy u... |
| | Total Hits: 50 | Today: 0 | Author: Eric Newton | Rating: |
| |
The ASP.NET 2.0's CookieParameter is a good start to providing HTTP data directly to the DataSource controls, including SqlDataSource and the various other flavors. However, in my opinion, there were two glaring omissions from the code, including the ability to extract a keyed value in a multi-valued cookie. (See HttpCookie.Values collection, providing a name-value pair grouping.) Additionally, my last article introduced HttpCookieEncryption, a way to prevent tampering of cookie data. Note that ... |
| | Total Hits: 108 | Today: 0 | Author: Mohd Faraz (Lucky) | Rating: |
| |
Security has always been a top issue for all kinds of applications, especially Web applications. Web apps are accessible to almost the entire universe, and are open to attack. Most of the web applications provide the file download feature, the real time challenge is not in providing such a feature, but in securing such operations. Recently, I dealt with an application which demands for secure file upload and download, during which I did wide research, so I thought of sharing it with the world to... |
| | Total Hits: 72 | Today: 0 | Author: Mohammad Dayyan | Rating: |
| |
PHP Fusion 7 has a greate CAPTCHA class under GPL license, so we can use it in our GPL projects.
This article shows you how we can use it.... |
| | Total Hits: 130 | Today: 0 | Author: Samer Abu Rabie | Rating: |
| |
Security in web applications is something necessary nowadays; especially because everyday attacks are in increase. But in this article, we are not going to discuss the authentication of a web application, we are going to discuss a simple and powerful way for authorization instead.... |
| | Total Hits: 67 | Today: 0 | Author: Svante Seleborg | Rating: |
| |
The web is full of desperate pleas for help by prematurely bald developers who have discovered the fatal flaw in the shiny new ASP.NET 2.0 System.Net.Mail.SmtpClient class. This is touted as overcoming all the problems of the old variant, that could not even be configured for credentials without resorting to some heavy-duty tricks. As has been discovered by countless people, while the new SmtpClient() class in ASP.NET 2.0 is neat, easy to use, and configurable via Web.Config, they forgot one thi... |
|
|
|
|
|
|
|
|
|
|
|
|
|