i have a problem with my asp.net web application.
i'd like to protect passwords users sent to server,
without using SSL server.
i'm not so skilled at that, is there a way to protect the

I have a web site under IIS 5 in Windows 2002 Server and I want to setup.
In the application
I have created an HttpHandler in .NET. I have set the site to require SSL
and 128-bit encryption

I need to implement Runtime (Conditional) Impersonation in one of my ASP.NET
Pages.
If I use the <identity impersonate="true" /> in web.config file, it works
fine.

I have multiple machines, some with 2000, some with XP,  
another with 2003 server. The problem I am having is that
on some machines the re-direction to the default page does
not take place after the logon page. It is just thrown

I am having a problem getting two IIS applications to
share a single authentication cookie.  One app uses the
1.0 Framework and other uses the 1.1 version.  (This is on
Windows 2000 Advanced Server)

I can't get this damn thing to work at all.
I have a virtual directory set up with anonymous access only, web.config
contains the following but when I go to the site it ignores the security and
never redirects to login.aspx. I know this will be a stupid problem but

I'm writing C# ASP.NET application. For different parts of application I
wrote different config files. When I was transferred files from my office
computer (windows 2000 pro) to home (windows xp pro) I got following error.
Access to the path "E:\Inetpub\wwwroot\Erevir\Config\Clanki ...

I need to pass a variable from one page which is a datagrid and has a
hyperlink column. I will be passing the id for a particular row to pull up
additional details of the record. I want to know the most secure method to
accomplish this, the site will be using SSL. Are there any MSDN ...

i have a VB.NET ASP.NET application. the front end is working fine, and know
im developing the manager options. this options have to be in a subfolder
server.com/manager.
how do i protect only that subfolder and its sub-sub-folders?

I'm new to ASP and Internet programming...
I want to send a request through SSL and to receive the response non-SSL. Is
this possible?
I have a MFC LiveUpdate client application. I want to send the request (for

I am using FormsAuthentication for my application, and in
the UserData property of the FormsAuthenticationTicket
I'm storing the roles that the user is a member of, to
retrieve in global.asax and create a GenericPrincipal

   I'm new to ASP.NET, and I'm trying to learn how to implement forms
based authentication.  However, I don't know what I'm doing wrong.
While the FormsAuthentication.Authenticate method returns true, after
I call FormsAuthentication.RedirectFromLoginPage I am redirected back

Can you create a new class that inherits from httprequest
and override the validateinput method, is this possible,
advisable, best practice or is there another way to
accomplish this. Any articles or code samples would be

Need some advice on some of the security issues in my ASP.Net application.
There are certain tasks that I need to implement so need advice/guidance on
them as well as safeguards that I should implement.  The application would
be typically running on Windows Server 2003 with IIS6 ...

I am currently building a site, and we have a number of users that can have
a particular priveledge, but each user has their own set of cases that they
can update (identified by case ID).
When the user clicks on a case, it needs to pass this to an 'update case'