Monthly Archives: July 2006

Bald steht die BASTA wieder vor der Tür…Ich werde drei Vorträge über .NET Security machen. Kommt vorbei und sagt Hallo! Architektur für stabile und sichere erweiterbare AnwendungenTechniken wie dynamisches Laden von Assemblies und Reflection machen es einfach eine Anwendung zur … Continue reading →

If you are running Windows Server 2003, don’t upgrade to the newest version of iTunes (V6.0.5.20) – it won’t work… Does anyone know where I can download older versions??  

A while ago I recorded four security screencasts for MSDN UK. They are part of their Nuggets series which I always liked. Main Page:http://www.microsoft.com/uk/msdn/events/nuggets.aspx Client Certificates and ASP.NET (watch) Impersonation  (watch) Protected Data  (watch) Storing Passwords  (watch)  

That’s so cool – “Dark Room – a full screen, distraction free writing environment”. I immediately liked this when I saw it, but now there is also a .NET version. When you ever wrote a book you know what “distraction … Continue reading →

Again a URL canonicalization bug. This shows two things (again): It is very, very hard to get resource names and encodings right – even in big projects with a lot of testers. Never store sensitive data under the application vroot (the … Continue reading →

Teil 2 des HttpListener Artikels ist nun online auf MSDN. In diesem Teil wird das Hosting von ASP.NET in einem custom WebServer beleuchtet. Weiterhin werden die notwendigen Schritte gezeigt wie Sicherheits-Informationen wie Authentifizierungs-Daten vom Host an ASP.NET weitergereicht werden. Den Source … Continue reading →

Ian has two screencasts up on channel9 that show how to work with UAC as a developer. http://channel9.msdn.com/Showpost.aspx?postid=211271 and http://channel9.msdn.com/Showpost.aspx?postid=209647

Teil 1 meines HttpListener Artikels ist online. Dort werden Themen with Authentifizierung, Autorisierung, Impersonierung, Sandboxing und SSL mit Client Zertifikaten besprochen. Teil 2 wird in Kürze auch verfügbar sein – dort dreht sich alles um ASP.NET Integration.  

Having read this post. I just couldn’t resist :) Of course, this is not a full featured PS host – but simple commands like get-process work and by caching the runspace you keep state between the commands you invoke. Needless to … Continue reading →

I get questions every now and then why there are these two events and which one to use for what. The way I like to think about it: If you change the IIdentity – use AuthenticateRequest. If you change the … Continue reading →