.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Passport Secure Sign-In: Provide Your Users with Secure Authentication Capabilities Using Microsoft

Posted By:      Posted Date: August 21, 2010    Points: 0   Category :ASP.Net

Secure sign-in, a new feature in version 2.0 of the .NET Passport single sign-in and profile service, is a functionality that will be especially useful for sites containing confidential information or anywhere security is a primary concern. Such sites include banks, medical sites, and so on. Secure sign-in is as safe as any SSL-based Web site login used today and provides a way to virtually eliminate vulnerability to replay and dictionary attacks.This article explains secure sign-in and demonstrates how you can implement this feature with very little effort in either ASP using the Passport.Manager COM object or in ASP.NET using the .NET class PassportIdentity.

Michael Kogotkov-Lisin

MSDN Magazine September 2002

View Complete Post

More Related Resource Links

Office 2003: Secure and Deploy Business Solutions with Microsoft Visual Studio Tools for Office


Microsoft Visual Studio Tools for the Microsoft Office System is a new technology that brings the advanced features of Visual Studio .NET and the .NET Framework to applications built for Microsoft Office Word 2003 and Microsoft Office Excel 2003. Deploying solutions built with this technology requires that you understand how runtime security is enforced in managed applications and how to configure users' systems to run your solutions without introducing security holes.To promote that understanding, this article will demonstrate how to establish trust, explain policy considerations and permissions, and explain what trusted code is all about. Secure assembly deployment is also covered in detail.

Brian A. Randell and Ken Getz

MSDN Magazine March 2004

DHTML and .NET: Host Secure, Lightweight Client-Side Controls in Microsoft Internet Explorer


In the past, Web developers often used ActiveX controls if they wanted customized client-side functionality incorporated into their Web applications. Now, they can build objects supported by the Microsoft .NET Framework which are more compact, lightweight, secure, and seamlessly integrated. By hosting .NET Windows Forms controls in Internet Explorer, developers can realize many of their client-side Web development goals. This article adapts ActiveX concepts for use with Windows Forms, and builds a multifile upload application that demonstrates these techniques.

Jay Allen

MSDN Magazine January 2002

Unable to establish a secure connnction with server - ASP.NET AD Authentication.

Situation:IIS 6 installed on Vista (Virtual PC) not member of domain, Visual studio 2008 based website. Active Directory Membership configured in web.config.Trust level set to Full. Using Login control to authenticate.<membership defaultProvider="DomainLoginMembershipProvider"> <providers> <add name="DomainLoginMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADConnectionString" connectionUsername="test.bit.com\administrator" connectionPassword="myadminpassword"/> </providers><membership>Connection string is configured as following<connectionStrings> <add name="ADConnectionString" connectionString="LDAP://test.bit.com/CN=Users,DC=test,DC=bit,DC=com"/></connectionStringsEvery time after login it will state "Unable to establish a secure connnction with server"Thanks in advance for your time and support!

Cutting Edge: Building A Secure AJAX Service Layer


This month Dino builds a service layer that authenticates users of Silverlight 2 and ASP.NET AJAX services to prevent illegal access to sensitive back-end services.

Dino Esposito

MSDN Magazine September 2008

Trustworthy Computing: Lessons Learned from Five Years of Building More Secure Software


Five years ago, Bill Gates issued a directive to enhance security across the board. Since then, many valuable lessons have been learned about building more secure software.

Michael Howard

MSDN Magazine November 2007

Identity: Secure Your ASP.NET Apps And WCF Services With Windows CardSpace


Windows CardSpace replaces traditional authentication with a more consistent and streamlined login process and improves trust between end-users, applications and services. Michèle Leroux Bustamante explains.

Michele Leroux Bustamante

MSDN Magazine April 2007

Secure Habits: 8 Simple Rules For Developing More Secure Code


Never trust data, model threats against your code, and other good advice from a security expert.

Michael Howard

MSDN Magazine November 2006

Secure By Design: Your Field Guide To Designing Security Into Networking Protocols


If you were to build a new communications protocol from scratch, how would you address security? Here the authors take a look at that question and generate some valuable insights into secure protocols.

Mark Novak and Andrew Roths

MSDN Magazine September 2006

Are You Protected?: Design and Deploy Secure Web Apps with ASP.NET 2.0 and IIS 6.0


Ensuring the security of a Web application is critical and requires careful planning throughout the design, development, deployment, and operation phases. It is not something that can be slapped onto an existing application. In this article, Mike Volodarsky outlines best practices that allow you to take advantage of the security features of ASP.NET 2.0 and IIS 6.0 to build and deploy more secure Web applications.

Mike Volodarsky

MSDN Magazine November 2005

Stay Alert: Use Managed Code To Generate A Secure Audit Trail


In today's security-conscious environments, a reliable audit trail is a valuable forensic tool The Windows Server 2003 operating system provides features that let you enable a wide range of applications to make use of auditing functionality. This article looks at auditing from the operating system perspective and describes a sample managed code implementation that will allow you to add auditing to your own server applications.

Mark Novak

MSDN Magazine October 2005

Best Practices: Fast, Scalable, and Secure Session State Management for Your Web Applications


ASP.NET provides a number of ways to maintain user state, the most powerful of which is session state. This article takes an in-depth look at designing and deploying high-performance, scalable, secure session solutions, and presents best practices for both existing and new ASP.NET session state features straight from the ASP.NET feature team.

Mike Volodarsky

MSDN Magazine September 2005

SQL Server 2005: Fuzzy Lookups and Groupings Provide Powerful Data Cleansing Capabilities


SQL Server 2005 offers a completely redesigned SQL Server Integration Services engine, formerly known as Data Transformation Services. It includes many new features such as built-in support for Fuzzy Lookups and Fuzzy Groupings, which help you build powerful data-cleansing solutions. This article provides an overview of fuzzy searching techniques and a dissection of the underlying fuzzy search technology implemented in SQL Server 2005.

Jay Nathan

MSDN Magazine September 2005

Encrypt It: Keep Your Data Secure with the New Advanced Encryption Standard


The Advanced Encryption Standard (AES) is a National Institute of Standards and Technology specification for the encryption of electronic data. It is expected to become the accepted means of encrypting digital information, including financial, telecommunications, and government data. This article presents an overview of AES and explains the algorithms it uses. Included is a complete C# implementation and examples of encrypting .NET data. After reading this article you will be able to encrypt data using AES, test AES-based software, and use AES encryption in your systems.

James McCaffrey

MSDN Magazine November 2003

Secure It: WS-Security and Remoting Channel Sinks Give Message-Level Security to Your SOAP Packets


As more organizations adopt XML-based Web Services, the need for message-level security has become evident. WS-Security, now supported in the Microsoft .NET Framework, addresses this need. Using the WS-Security framework, developers can implement channel sinks to intercept Remoting messages as they pass through the .NET Remoting infrastructure. The sink can read the message, change it, and pass it along. During this process, the message can be signed for added security. This article explains how to implement a Remoting channel sink that will modify the Remoting message by including a UserName token in the header, then sign the body using the token.

Neeraj Srivastava

MSDN Magazine November 2003

.NET Remoting: Secure Your .NET Remoting Traffic by Writing an Asymmetric Encryption Channel Sink


As .NET Remoting gains popularity in the enterprise space, it must meet business demands for trustworthy computing. Remoting traffic can be secured when objects are hosted in IIS, but when they aren't hosted in IIS, custom security solutions can be developed to secure them. This article provides an in-depth look at writing channel sinks for .NET. It also details the flow of data through custom channel sinks and explains the kinds of manipulations that can be performed on that data.

Stephen Toub

MSDN Magazine June 2003

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend