This is a call for suggestions and even possible solutions. I haven't been at a company that really seemed to get credential management 'right'. I've seen excel/word documents and even post-it note 'solutions'. But my main question is what is the right way to do it? I have initially thought it would revolve around KeePass a bit, but h...
Is it possible to setup a JDBC connection to Oracle without providing username/password information in a configuration file (or in any other standard readable location)? Typically applications have a configuration file that contains setup parameters to connect to a database. Some DBAs have problems with the fact that usernames and passw...
I have an ASPX page (On server A) which is invoked using NTLM credentials. Part of that page's job is to call an HTML page (On server B) and proxy it back to the client. (The client has access to A, but not to B). Server B is also not open to anonymous access, so I need to supply credentials to it. If I hardcode some credentials (as ...
Does anyone know how to use the credential cache or network credential to get the user's personal info from the Active Directory using C# or VB? I need to get personal info such as name, telephone ID and so on. ...
I'm using HttpWebRequest to pull down XML, and POST data back to a 'WebService' and getting a 401 on the POST. When creating the requests I've added Credentials and now tried a credentials cache and setting PreAutenticate to True, still getting the 401! :( Watching the HTTP traffic on the router I set the get make an unauthenticated G...
I have an executable that is started by a windows service, this program will be run on a customers machine and will need to connect to a remote share to perform a particular task. This share is specified by the customer via a UI, so we do not know this in advance meaning it can't be "hard-coded", or the share mapped in advance. Previous...
When supporting a new web app in an enterprise environment, it is often necessary to log in as a specific user in order to diagnose a real or perceived problem they are having. Two opposing issues apply here: Best practice is to use hashed or encrypted passwords, not clear text. Sometimes, there is a third-party SSO (single sign-on) in...
I'm wondering what people use for storing their username, passwords, urls, IPs, domains, and any other login information they need to both do their job and in general life. It might also store serial numbers or similar data. I find that I'm registering for probably 5 sites a month, paying some piece of software, just setting up a new ho...
We have a C# windows application that needs to be able to connect to a server on a network, download and save a file to a specified location. We can not use a web service as we can not assume that our clients will have IIS on their server. The way that I am considering doing it is to FTP onto the server and download the file. I can wri...
Hi, I'm working on a windows forms client server app. It uses client application services with a login form that implements IClientFormsAuthenticationCredentialsProvider and this is called using membership.validateuser(nothing, nothing) to authenticate user. What I want to confirm either way is if this method encrypts the credentials pas...
I use a console application to write some test code: /// <summary> /// Returns AD information for a specified userID. /// </summary> /// <param name="ntID"></param> /// <returns></returns> public ADUser GetUser(string ntID) { DirectorySearcher search = new DirectorySearcher(); ...
Hello, i m using a webbrowser control in wpf to show a virtualearth map, but because i m developing behind a proxy of my company, every time i try to see the map, i have to inser my credetials, i would like to insert them automacly in the c# code, how can i achive that? i alreadt try in the navigating event of the web broweser using: ...
Duplicate of Disable browser save password functionality Is there a way to tell the browser not to insert pre-Saved credential data into forms on websites? For example I might have an application where I have to login first. I saved the credentials for this login. When I now want to create a new user account in the control panel, the ...
I am working on designing an api/application structure to mimick facebook's for a project of mine. I am wondering what the best way of going about authenticating users is. For an app how do I give them the nessecaru credentials and how do I authenticate those credentials? ...
Hi, I have web service in my MFC Application and I want to write something like: WebService * ws = new WebService(); ws->Credentials = new NetworkCredentials(user, pass); I could not find Credentials class in MFC. Is there such class in MFC? ...
Hello, think I successfully made a managed wrapperclass to the Credential API functions mentioned here with a little help from there At least the Win32-Errorcodes returned from that functions are Zero or other but expected (i.e. 1168 from CredDelete if calling it twice) and the appropriate values are stored at the correct place in the re...
I have some "kiosks" that run under machine specific AD accounts that I would like to deploy reports on. For security reasons I need to verify individual user credentials before allowing access to the reports. Is there a way to do this with reporting services?We are running Reporting Services 2005, but will be upgrading fairly soon. ...
I'm wondering what techniques you use to store the database credentials for your application. I'm specifically concerned with java webapps, but I don't think there's any need to limit the questions to that. things to consider: Do you use property files,xml configs, other? Is it bundled into your application(ie in a jar file) or store...
I have a custom implementation of ClientCredentials in WCF. Two of the base properties of ClientCredentials are the ClientCertificate and ServiceCertificate, as seen here (MSDN). In my configuration, I have my custom ClientCredentials set, and both certificates defined: <endpointBehaviors> <behavior name="MyCustomEndpointBehavior"...
I am using impersonation in an application in IIS. I need to write a file to the file system, but don't want to use the impersonated user's credentials in this one case. I need to use the credentials of the app pool. How do I temporarially elevate a worker process' credentials from impersonated credentials to the app pool's credentials?...