I've an IIS6 ASP.NET 2.0 web site (not a virtual directory, a web-site).
I've configured the web-site (following directions at
http://support.microsoft.com/kb/215383) in the MetaBase to allow NTLM and
Negotiate access, and the site itself is using Integrated Windows

So I have a problem that is more difficult that it might seem at first
glance.  created.  Any help/a clever "duh" answer would be great as we've
spent more than 8 hours trying to get this working.
Please see the following thread for the full details:

Have just installed mysql on to my server
Does anyone know of a sample test script that will test if asp can connect
to a test databse?.
I just want to find out if it is working.

I have a simple login form to authenticate users.  A code segment looks like
this:
           search.PropertiesToLoad.Add("cn");
           search.PropertiesToLoad.Add("name");

I have a simple login form to authenticate users.  A code segment looks like
this:
           search.PropertiesToLoad.Add("cn");
           search.PropertiesToLoad.Add("name");

Simply put, best practices say to:
1) Put ConnectionString info in to web.config for easier editing (and
disallow the need to recompile code if settings change).  
2) Encrypt the ConnectionString section using the aspnet_setreg.exe utility.

The main idea of IWA is to have a single sign on capabilities web site and I
think it is good if you have a web that cater internal people.
A few questions coming out from this implementation
1) How does the C# Windows Authentication work? Does the NTLM handshake only

I have a requirement that I need to create a website running on IIS6 that
needs to be anonymous access by default with Windows once a "Sign in" button
is clicked.
I've pondered about this and have come up with a solution, but I just want

Please correct me if I am wrong here,
When we put the username/password in the Form Authentication Web
application, usually the username/password is stored in the cleartext, in the
client memory space. So what happen is that in the public computer, a hacker

I have an ASP Website setup which presents some data, then posts
changes to that data to another webpage (whcih is java based) by using
variables on the URL Line, the Java website trapps the user's details
and places some information against the closed call, such as who

I am still able to navigate back to secure area even after calling
FormsAuthentication.SignOut() on the
logoff.aspx
I read some place that I need to clear the cookie, expire it etc..

Suppose web.config contains
  <authentication mode="Windows"/>
  <identity impersonate="true" userName="XYZ" password="XYZ"/>
and the password is wrong. Then if the website is opened in the browser, a

greetings all, (again blasted newsreader killed my initial epic, email post
numero 2)
I have a dev box(XP) that I am developing an ASP.NET 2.0 application .. am
trying to use membership features .. have set  up my local box secured a

Hi, I'm trying to setup ASP security for the first time and am having some
problems.  If anybody can help, I would greatlly appretiate it.  I setup the
aspnetdb and setup users and roles through the ASP.net configuration.  I
setup a Logincs.aspx page with a Login Web Control.  ...

Here is my issue:
1) This is an ASP.NET 1.1 website hosted on Windows2003 Server
2) SP1 for .NET 1.1 is installed
3) I have the .gif extension mapped in IIS to the 1.1 aspnet_isapi.dll