I'm trying to access an access database on the file server from a web server
using asp.net and IIS 6.0.  I can do it when I have anonymous access enabled
in IIS 6.0 as in the public internet web site style.  I want to do the same
with the intranet setup where IIS 6.0 is not setup ...

Password length minimum: 7. Non-alphanumeric characters required.I ve taken
this error. Microsoft Security Policy requires something nonsense I think. I
never think a password like "75256asdf!^+%&" this. How can I use normal
passwords which users demand what their hearth say as a ...

I've speant the past couple months reading off and on about the use of
roles & memberships in ASP.NET sites, using the role providers, etc.
However, the largest problem that I've been having reading all this
information, code smaples, etc, it that it is 95% focused on external

In my intranet app, I have my web.config file's authorization section
defined as follows:
    <authorization>
       <allow roles="foo" />

I am writing a Post client with the HttpWebRequest object and using the
Crypto API to access "MY" store and pull out the certificate that I want.  I
attach it and send it, but I still get a forbidden (403).
If I browse the site with Internet Explorer, the certificate exchange is

Is it possible to do ASP.NET Impersonation in a windows 2003 non domain
member server (locate at the DMZ)? If so, how can I do that?
Thanks in advance for your kind reply
Best regards,

A customer has asked that we provide, in writing, the permissions required
for our deployed .NET (C#) web service. I have located MSDN articles on
ASP.NET permissions but none of these articles cover the C:\WINDOWS\TEMP
folder.

Hi peeps, I'm hoping you can help.
One of the applications that has been created for one of our clients
needs external access via the internet.
The app is a .Net 2.0 webb app that connects to SQL server 2005.  We

I have problem writing content to a UNC file from my ASP.NET 1.1
application. This is on Windows server 2003
The event log says "X:\temp\abc.txt path not found" and stuff.
Note that I have allowed Full Control permission on abc.txt on the other

I'm really no expert whatsoever when it comes to security in dotnet and have
a question about setting up login security to a web application we are
building.
The application will be accessible to mainly users within the company but

I'm wondering how can i prevent this scenario:
I have asp.net application , not using any kind of asp.net secuirty models [
neither Windows Nor Forms Auth].
Client can save a complete copy of the web site locally, he can change any

I have a .NET 2.0 web app that uses forms authentication to get around an
issue with FireFox. FireFox will allow you to save the username/pass and this
is a SOX no no.
The objects in the web application call a Windows Authenticated web service.

ASP.NET 2.0
Windows app written in C# and VS 2005
=============================
I am having difficulties encryting web.config files when using Cassini (IIS is currenly disabled) as the VirtualDirectory param seems to only work when IIS is up and running.

I would like to know if it's possible to set up two seperate servers with the
same SSL certificate and not have the customer/client notice anything when
traffic goes from one server to the other (no SSL security notices or
anything).  Here is the detailed scenario:

I ran the aspnet_regsql.exe tool with the -sqlexportonly option to create the
script. I searched and replace the string [dbo] by [mySchema] and had the
dba's run the script. When I do anything like Membership.CreateUser or click
on the 'security' tab in the website admin tool I ...