Write files to App_Data under medium trust hack?
Is there any way to work around this? Im sure I've heard about some hack, is that true? ...
trust
Is agile possible when people are shared across multiple projects?
Multi-tasking is shown to be at least 15% less productive than dedicating people to a project (from Mythical Man Month), however in some cases it seems unavoidable. Part of the agile way is to build trust with your customer/team by delivering on time and rarely blowing your iteration schedules. This is difficult when multiple project...
How do I force a tomcat web application reload the trust store after I update it
I have the following problem. My tomcat 5.5 based web application is using a trust store to verify SSL connections. The application allows the user to add or remove CA certificates to be used in the verification process. However, adding or removing certificates from the trust store doesn't change a thing. The application 'recognizes' onl...
Are Active Directory forest trusts transitive?
I'm working on trouble shooting an application under development that uses information from Active Directory in a multi-forest environment and I have the current problem down to figuring out if forest trusts are transitive, and if so under what conditions. The setup: Using Active Directory 2003, ForestA has a two-way forest trust with F...
How can you give users confidence that your application has no malicious intent?
I am a FireFox user, and I recently installed the GMail notifier add-on. When you first install the add on, it requests your GMail address and password, and will then use this to login to your Gmail account (presumably via SSL). It shows a number on your taskbar, indicating how many unread emails are in your inbox, and also notifies yo...
Does it make sense to set up a trusted relationship between Active Directory instances at partner companies?
Hi, If a company often requires users to be created in a partner's active directory, and vice versa, does it make sense to set up a federated / trusted relationship between the AD instances? If so, what should be considered? Does the ACL for users in the partner AD still work the same way? What security risks does this expose? Thanks! ...
What are the most common, typical things to AVOID coding into my ASP.NET app in order for it to run under Medium Trust on a shared host?
What are the things that Medium Trust stops you from doing? For example, I've already learned that Medium Trust stops you from using System.IO.Path.GetTempPath(). What other things like that? ...
Secure Java SOAP web service - Active Directory authentication Trust
I want to build a secure web-service betweeen a Java producer and a Java consumer. I want to authenticate using Active Directory using the domain accounts that the producer and consumer are running under. Could you give me an example of this? (ie: AD trusted automated alternative to manual keystores.) ...
How often would you tolerate your IDE crashing?
I was experimentally trying to switch from coding in vim to coding in an IDE (in this case, Anjuta on Linux), but I found that every time I crashed the IDE, my trust in it went down, until around a crash rate of once a day I trusted it so little that using it was considerably more stressful than using a simple text editor for coding. Ho...
Microsoft Studio TFS proxy problems in a trusted domain
I have two domains. TFS 2008 is installed on DEV domain, proxy on PROD. There is two-way trust and both servers can authenticate users from both domains. TFS was working fine, and suddenly stopped. Looking at the logs there was a great deal of AD noise (Can't load global catalog, etc.). The trust between the domains (DEV and PROD) was ...
Trusting an assembly located on a network share.
Hello all, I've been meaning to post on here for a while but always find the information I need; up untill now of course! I would appreciate any help you may be able to offer in regards to code access security, and in particular dll's on a network share. I am looking for a way to dynamically load assembles for reflection, instantiation...
Flash Player trust file not working with Embedded browser on linux
Hi, I have an application which embeds a xulrunner based browser. I have to load some flash content in this browser. At certain points of time the flash changes my URL and Page Title to reflect the location in the flash file where I am at. This works fine in a firefox browser when I place my trust file at /etc/FlashPlayerTrust folde...
SMTPClient Half Working \ Half Not
I am using Microsoft's membership framework on a website. I am able to send password retrieval e-mails, but am unable to send e-mails myself using SMTPClient. When you configure the SMTP settings in the Web Site Administration Tool, what are the settings that this application give it's SMTPclient? If I know this, I can duplicate it and...
Could not establish trust relationship for SSL/TLS secure channel -- SOAP
I have a simple web service call, generated by a .NET (C#) 2.0 windows app, via the web service proxy generated by Visual Studio, for a web service also written in C# (2.0). This has worked for several years, and continues to do so at the dozen or so places where it is running. A new installation at a new site is running into a problem....
ASP.NET MVC: deployment issue
Hi, I created an ASP.NET MVC 1.0 application that works fine on my machine (running in vs 2008 web server). However, when I deploy it to my webhost (running in medium trust), I get the following exception on the first hit: could not find file or dependency System, Version 1.0.9.0. Looking at the stack trace, I saw target invocation exce...
An algorithm for distributed or decentralised reputation/trust
Does anyone know of an algorithm for computing how much you 'trust' another user (their reputation) in a decentralised system. Sites like this one use a centralised authority to track reputation points, but when you can't trust an authority to maintain this list impartially, or the infrastructure doesn't exist, how can you rank your pee...
How to authenticate client application for trust of messages sent from it
The basic question How do I know that it is my publicly accessible (client) application that is sending my service messages? How do I know that it is just not some other application that is impersonating my application? Some Background Currently we log all errors that occur on our websites via log4net and WCF to a database. This works w...
Access 2007, VBA, a tiny project for a school, and the Trust Center
A friend asked for my help putting together an Access database for a small department at a university. It tracks medical info on some animals. The problem is that to make the application easy enough to use, we had to write some VBA code to glue different forms together. When we open the database (or a new, updated version of the database...
Windows forms app in IE: how to not require the user to modify trusted zones/.net security? Trust?
How do you configure/setup your .dll file so that when its hosted in IE and a user hits the page it just prompts them to 'trust' the application and install it and run? Currently all the doco I can find talks about adding the site to the trusted zone and running "caspol" on the command line to modify your .net security settings, which w...
How to determine the root of a certificate?
My root certificates are stored as several files in ASN.1 format. Assume I have a chained end entity certificate in the same format. How do I efficiently determine the root certificate of this certificate? Currently I have to take a brute force approach which extracts the public key of the end entity certificate and validates that agai...