View Complete Post
apologies if this has been answered before.
it seems that the scaffolding that generates the list, edit, details apsx pages uses querystrings to pass the primary key for the relevant record. thus is i have a list.aspx showing me a grid of records, the edit hyperlink will be something like http://../tblTable/edit.aspx?ID=n where n is the key of the record to edit.
however, obviously this is not secure for a multi-user site as someone else with a valid login could potentially see records which they shouldnt simply by trying different "ID=n" values?
is there a way to change this behaviour in a Dynamic Data site or will i have to manually code to ensure a user only see records intended for them?
any help is gratefully appreciated
I know there is a method built in for retrieving the encrypted password, but how do I retrieve the encrypted security answer?
What I want to do is have a member profile update screen that the end user can update their password and security question and answer. However, when they get to this page, I want to already be showing the security question (the easy part) and its answer (the not so easy part).
I have updated web.config with passwordFormat=Encrypted and have added a machineKey with the generator (forgot the link, but located on eggheadcafe somewhere).
I haven't done ANYTHING yet, since I already have a user store with hashed information. I wanted to get some functionality done before publishing, wiping the store and recreating users (only a couple developers).
SharePoint 2010 introduces a number of new ways to access business data and present it to the user. We'll show you several options that range from no-code solutions to fully integrated Office add-ins.
Donovan Follette , Paul Stubbs
MSDN Magazine July 2010
SharePoint search may return too much information, causing data security problems. Learn how to use the custom security trimmer to ensure users see only the documents they have permission to view.
Ashley Elenjickal, Pooja Harjani
Many early adopters cloud platforms have questions about security. We review some of the cryptography services and providers in Windows Azure along with some security implications for applications in the cloud.
MSDN Magazine January 2010
This month Ted Pattison presents an overview of programming security and permissions for Windows SharePoint Services 3.0.
MSDN Magazine February 2008
To execute a SQL injection attack, a hacker writes a Web page that captures text in a textbox to be used to execute a query against a database. The hacker enters a malformed SQL statement into the textbox that causes the back-end database to perform operations the owners did not intend it to perform, like making unauthorized updates. This article explains how you can protect against the all too common SQL injection attack in your own database. The steps covered include data validation, proper exception handing, and much more.
MSDN Magazine September 2004
There's a lot to say about Windows Server 2003. First of all, it's the first operating system with built-in .NET Framework support, and it's the first 64-bit OS from Microsoft. But wait, there's more! There are lots of new features and APIs in this version as well. For instance, Windows Server 2003 features Hot Add Memory and a number of other arcane new tidbits. There are new APIs for handling threads, directories, and files, and new features like the low fragmentation heap for managing memory and system information. There's vectored exception handling and new UI APIs as well.OS internals expert Matt Pietrek takes a look at the additions he finds most interesting and useful so you'll have a good place to start when you dive into Windows Server 2003.
MSDN Magazine June 2003
Building Web sites that provide services external to the corporate firewall is tricky. Usually it's not desirable to grant corporate domain accounts to external clients, and from a purely practical standpoint Kerberos does not work well over the Internet due to the typical configuration of client-side firewalls.
MSDN Magazine April 2003
Security improvements have been a top priority in the evolution of IIS. IIS 6.0, which will be part of Windows .NET Server, has improved security features and a new approach to server configuration. New security-related tools for IIS, including IIS LockDown, make securing your server against attack easier than ever. The author explains how and why you can shut down services with IIS LockDown. He discusses limiting port access with TCP/IP filtering, controlling how files are served with extension mapping, what's new for Secure Sockets Layer, the use of URLScan, and more.
MSDN Magazine September 2002
The .NET Framework includes a set of cryptographic services that extend the services provided by Windows through the Crypto API. In this article, the author explores the System.Security.Cryptography namespace and the programming model used to apply cryptographic transformations. He discusses reasons why cryptography is easier in .NET than it was before, including the easy programmatic acccess developers have to the cryptography APIs and the difference between symmetric and asymmetric algorithms. Along the way, a brief discussion of the most widely used algorithms, including RSA, DSA, Rijndael, SHA, and other hash algorithms, is provided.
MSDN Magazine June 2002
The knowledge worker is greatly empowered if she is able to access information across the enterprise from a central access point. With the SharePoint Portal Server 2001 Search Service you can catalogue information stored in Exchange public folders, on the Web, in the file system, and even in Lotus Notes databases. This article discusses the use of ActiveX Data Objects and the Web-based Distributed Authoring and Versioning protocol for creating search solutions based on SharePoint Portal Server 2001.
MSDN Magazine April 2002
I am trying to pull all of the associated data from a SharePoint list row to an InfoPath form repeating table. I would like to select 1 unique value from the
row and have the other fields auto-populate with the associated data from that row.
SharePoint Columns and also names of InfoPath fields 1, 2, 3, 4, 5, 6, 7.
I have a dropdown that is connected to column 1 and I would like to select 1 and have it populate the rest of the fields from that row.
I am currently doing this with information and C# code from:
I am using business data catalog to display the records present in the Active Directory based on the user selection of samAccountName. Since the number of records present in Active Directory are more
than 3000 the user has to iterate through each page to get to a particular record. I want to add a kind of filter to my Definition file that user can search for a particular samAccountName from the list of samAccountName displayed in the business data list
web part. I am using office server SDK by microsoft to generate the application definition file.
Any help regarding this will be appreciated.
I have a sharepoint list[Managers] with groupby sector column. like below
Each Sector group by column data i want to display in label or panel control.
How to do that ? how to write the logic?