I need to design a custom security Authentication and Authorization
framework that is unified for both windows and web applications. A
number of articles, including this one,
http://www.codeguru.com/csharp/csharp/cs_misc/security/article.php/c7415/

I have a web application that allows users to download their data to a
file on their computer.  Then at a later time they can upload the file
back to the web server and continue working.  The file is in XML
format.  I want to find a simple way to encrypt the file before I

Hi,
I'm writing an outlook 2003 plugin and encountered a problem.
I'm creating a new AppDomain in order to load an assembly into it. I don't
want to have this .dll loaded in CurrentDomain, so I can replace the file

When I run fxcop against my vb app (MyApp, FW 1.1, a vb winforms program), I
get some complaints about LinkDemands, namely:
   "Do not indirectly expose methods with link demands"
What am I supposed to do about this?  I have read a lot of material about

I have an assembly that I wrote in .NET 2.0 for Reporting Services.
It essentially attaches to an Oracle DB and gets back a dataset.
I tried it out by a test windows application and it worked fine, however
when I try and run it within Reporting Services I get...

I'm (still) developing a secure app. So I have a connectionstring in my
web.config.
That string is encrypted. So I decrypt it when I want to use it. No problem.
But I also have some other info in the web.config. The app uses integrated

after I changed the permisssion set of All_Code to "nothing"
, I can't set the .net configuration anymore?
even the Caspol.exe tool can't work anymore.
it just shows that "System.Security.Policy.PolicyException" error?

I am trying to prevent reflection access to my dll.
the dll have one class name Class1:
public class Class1
{

I think I put this in the wrong group (aspnet.security), reposting here.
 Sorry:
I've been looking at this off and on for a few days now and can't figure
out how to simply move a keycontainer from one machine to another.  I've

I have a .Net 2.0 Client/Server application using .Net 2.0 Remoting.
The users provide their credentials by the client's UI. The server
authentication is
via Kerberos for intranet users, NTLM for external users (via

HI, im trying to get a string hashed, im trying to use the example:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/c
ryptosimplified.asp
my problem is that even if i have a string that is 20 characters long and a
salt that is 80 characters, the output ...

I have the Microsoft AES Crypographic Provider installed. I am required to
ONLY use FIPS Compliant encryption technology.
If I use Rijndael.Create() to get a SymetricAlgorithm is this using the
RijndaelManaged class or is it using the Microsoft AES Crypographic Provider?

   I am trying to impersonate a local user on windows 2000 server in vb.net
application using following piece of code
Public Class ADVAPI32
   ' LogonUser call

I am using .NET 2.0 and am writing an app that imports data from a previous
version.  One field in the old database stores data encrypted using CAPICOM
that I would like to decrypt.  I don't want to reference the CAPICOM.dll
(which is version 2.0.0.3) using Interop and would like ...

I have a problem with some code in an assembly that use
RSA.ImportParameters().
If the assembly is used in a WinForm application it's fine, but I'm having
troubles when it's used in ASP .NET.