Can this utility be used for an impersonated user in Web.Config?
I've used it to create the appropriate userName and password keys in the
registry and put the settings in Web.Config like this:
   <identity impersonate="true"

I'm looking for an ASP.NET(login page) that validates against a database.
And after succesful logon ..PRINT the USERS name on the Page(Session)!!
Can anybody help?
___

Hi, I developed and installed a Web Service on a Windows Server 2003, the
web service works fine on any Windows XP Workstation but not on the server,
I keep getting this exception:
System.Security.SecurityException: Request for the permission of type

i send my ASP project in my wwwroot to my friend,
he place that folder in his wwwroot,
exactly folder path with me,
but when he access the aspx, the 0X80070005 access denied to

I have found what I believe to be a serious security
issue in ASP.Net.  If you have:
1. Your website configured for anonymous access
2. Elect under web.config to set the sessionstate

Has anyone seen any good examples of how to stop someone
from stealing the session id to hijack the session?
Thanks...

I have developed a web site running on Win2k and IIS.  
It uses Integrated Windows Authentication.  When the user
selects
the URL for the site, they are prompted for their Network

Is it possible to kill the Application session on website leave event? i.e
using "FormsAuthentication.SignOut()" when changing the web site by entering
a different domain name in the address bar on Internet explorer.
Thanks.

I have an asp.net web site. I want 1 page to be accessed by a group ( which
I have set up on the web server). The remaining web pages can be accessed by
anyone.
In the web.config file I have used these settings:

I've spend days with this but couldn't find a solution, maybe you can help
me. In classical ASP, there was the so called "PermissionChecker" COM
component, which would tell you if the current user has (read) access to a
certain file, a lá

in a webapplication in a company where i have two seperate
domains, without any trust relation i need the following.
on the first domain (the backoffice) the users use a
webapplication to see transaction on a database in the

I would like to develop my own authentication service and to use it in
several projects. Also, my service should implement windows, forms,
sql Server or LDAP authentication.
My first thought was to use the factory pattern to choose "on the fly"

i have written an aplication that changes some global variables of my
another application. it is some kind of a web.config editor.
i want all users that are signed in to be signed out when i change any
variable with the utility program.

I've got an ASP.NET project that i need to support multiple types of login
authentication.  I've tried initially to create a login system where you are
presented with an Account / Password page and then also a link that would
allow them to say "Use my Windows NT account".  The forms ...

Does anybody know the actual meaning of AspNetHostingPermissionLevel
enumeration members? All I've been able to find out is accepted value names
and their numeric counterparts. But what is the effect of a particular
value?