I just want to know if it's common to decrypt a Session-Object in a
ASP.NET application.
My collegue says that I have not do this because the information is
stored on the server.

I have an asp.net app that uses windows authentication.  I'm doing my
development and testing from one box.  In the browser if I enter:
http://mybox/virtualdirectory/default.aspx  everything works as I would
expect.  It recognizes my login and away I go.

I'm having trouble finding specific documentation
regarding the negative impact of using delegation in a
Windows 2000 environment. I've read through numerous
articles on using it, but if I do find anything that

I have an asp.net application.  I have used VStudio Web
Deployment Project to create the MSI file.  I copy the
MSI file from my developer PC to my test server running
Win2003Server Web Edition.  I run the MSI to install -

scenario: users can store data (guestbook entries, ther usernames and so on)
on a database-driven website and i have to care about that they don't insert
(aggressive) javascripts or html tags that destroy my layout. but it's not
an option to deny characters like ', " or < at all.

Hello, I am trying to execute a batch file from my asp.net
app. To execute the command in this file, it will need
domain admin rights.
I know I could set that up in machine.config, but that

Alright - here's a simpler part of my previous questions.
If I have an application that uses forms authentication,
is it possible to have one Login.aspx file for the root
application, and a separate Login.aspx file for a folder

I want to protect a single file (openvideo.aspx). I already setup the
folder as an application in IIS.
The authentication seems to work fine and the permissions works as it
should.

Hi all;
I want to use user name and password in my asp.net project
for all aspx files but not for asmx files. Or i want to
use some files with user name but some another not

I have an application where I would like to present a nice HTML based
login page but log the user in using Windows Authentication.
I know that forms authentication is not what I need because it doesn't
tie into Active Directory.   And I don't want to use Windows

I am just getting started with ASP.Net.  I am attempting to place a dateGrid
on a page and I have done all the things I would do in a Windows
application:
- drag a connection to the form

If the woker process is configured to be run under username="machine" in
machine.config and impersonate=true under web.config, will the impersonated
account be used to run the worker process or just the thread only?

I've read many messages and even more technotes, but I still can't get the
following scenario to work:
I have a Windows 2003 web server and a separate Windows 2000/SQL server,
both in the same Active Directory on our LAN.  I need to flow the user

We have an asp.net app protected with integrated security. Part of
this application carries out document prodcution and management via a
mixture of asp.net code and activex client controls.
The problem occurs when trying to open documents / templates (ms word)

Ok.. so I've read and seen lot of messages and MSDN docs concerning the
above issue.. how do I get it to work?
I want to impersonate the current user accessing my website...
so I turn on the site directory security to NOT allow anonymous but turn ON