What do I put in the strCookiePath?
Thanks
public static void SetAuthCookie(
  string userName,

   I'm creating a class, that will go to a database and authenticate if the
user
exist and the password is correct.
What I don't understand, is how I tell my application that the user is

   I was reading that md5 is not that secure and that sha-1 or whilpool or
ripemd-160 were better solutions. I'm using asp.net and I want to encrypt the
password. Where can I find a sample code for that with sha-1. I can't seem to
find one.

I'm writing a web method which calls a COM+ method, which I need to
call with the user that logged on to windows and invoked the WebMethod
(impersonation).
Simple impersonation works (impersonte=true in web.config) - however, i

We are using the Membership services and the SQL Membership provider that
comes with .Net 2.0. We have no problems but we have added our own tblRoles
table to go with the aspnet_Roles table that Microsoft provides. tblRoles
has extra information not in aspnet_Roles. There is, and ...

Hi, I'm using Active Directory as Membership Provider and Azman as
RoleProvider, everything works fine except that any change made in Azman
after the ASP.NET 2.0 APP is
initialized returns a cached version of the roles information. The APP needs

how could i get the PC name of the client pc using ASP.net ??

I am writing an ASP.NET 2.0 application using Forms Authentication and a SQL
Server 2005 database that was created using the aspnet_regsql utiliity.  The
database does not use the default name, aspnetdb.  I am setting up a page
using the CreateUserWizard to allow new users to ...

Hi;
Are there any good books out there on security under .NET 2.0? Hopefully
covering everything from login/impersonation to cryptography/storing secrets
to active directory access.

I am stuck with a .Net Compact Framework 2.0 application in Windows Mobile
5.0. The application uses a web service developed in .Net Framework 2.0 to
synchronize data with a legacy application. So far, so good.
The problem is that this communication is to be protected using SSL ...

I want my users to get a login page if they forms cookie is not present, but
if the forms cookie is present and expired, I want them to get a timeout
page. Is this possible with forms authentication?

I have an issue which goes something like this
I have a web app that accesses a SQL Sever. I use AD for my users. In
SQL i have assigned my users to various roles etc....not SQL users but
AD users.

I have an ASP.Net 2.0 website which is currently under development,
called Web1. It has a link which takes the user to another website
called Web2, running ASP which is on a different machine.
Web1 uses Forms authentication with IIS6 running with Anonymous user.

I'm trying to use forms authentication and the new automated login process
in VS2005. My development machine is WINXP but my database is on WS2003 under
SQL Server 2005.
I modified my web.config to include the following:

First let me apologiose if this is a regular question but I am struggling to
find the answer.
There are plenty of posts/articles about the AccessMembershipProvider dating
back to 12/18 months ago but I havnt seen any recent information about it.