Membership/Role Provider Demo

There were numerous requests for the ASP.NET 2.0 Application that I was demoing for the Canadian Security Wednesday WebCasts presented on November 16, 2005.  This application highlights: ActiveDirectory Membership Provider against an instance of ADAM–including Schema modification for Password Lockout Role Management Security Trimming Thanks to my great co-presenter, Bill who was kind enough to host the application…

0

Revised Threat Modeling

During the last three years I have been working with clients and speaking at industry Security events on threat modeling.  Threat Modeling was introduced at Microsoft during the development of Windows Server 2003 as a major component to the Microsoft Security Lifecycle for application development.  Over the last few years we have made some significant changes…

0

Recordings of Canadian Security Wednesday’s WebCasts

Earlier this week during the ASP.NET 2.0 WebCasts on Membership and Role Management we had a lot of questions on the where the recordings for the past two WebCasts can be downloaded or viewed.  The URLs to the WebCasts’ recordings are below: Web Security November: Developing Secure ASP .NET Applications – a Hacker’s Approach (ASP.NET Security 1/4)…

1

WSE 3.0 Final Release

Web Services Enhancements 3.0 final release version is now freely available for download.  WSE 3.0 will work with both Visual Studio.NET 2005 and the .NET Framework 2.0.  However, it will not work with Visual Studio.NET 2003 and .NET Framework 1.1. I really like the fact that existing using WSE 2.0 Web Services will continue to…

0

Security Wednesday’s WebCasts: November 2005–Demo Index

I will be conducting four Web Casts every Wednesday starting November 9th to November 30th 2005 on ASP.NET 2.0 Security.  Two of the Web Casts will be dedicated to the new ASP.NET 2.0 Membership Provider Services.  In these Web Casts, I will be focusing on the Active Directory Membership Provider with ADAM.  In five previous Web’s logs, I…

0

Password Lockout Option: Active Directory Membership Provider

In continuation on Password Options with the ASP.NET 2.0 Membership Provider–using Active Directory Application Mode—this blog will discuss how to enable the password lockout option.   When using the SQLMembershipProvider the schema to track “failed password attempts”, “failed attempts” to answer the password question and the “time window” between each failed attempt is already created…

0

VS 2005 Web Deployment Projects available for download

The vanilla deployment product in Visual Studio.NET 2005 was lacking in support for more advanced deployment configurations/options beyond the core “Publish Web” scenarios built-into VS 2005 – specifically around assembly naming/output, advanced MSBuild customization, and other common scenarios. (for example: the ability to modify connection string settings depending on the build configuration, etc). Therefore, Microsoft has shipped on…

0

Canadian Launch Event–to Ask the Expert–Cabana

So, what is “Cabana” anyways? For those of us who haven’t been so lucky to be at this year’s PDC or TechEd, cabana would be an area secluded from the main event, where you can come in and discuss technology, in a relaxed environment, with cabana experts.   And at this year Canadian Lauch tour of…

0

Attacked Surface Reduced in IIS 7.0

The Attacked Surface in IIS 6.0 was greatly reduced compared to IIS 5.0, and from the preview of IIS 7.0 it will be reduced even further as shared by Michael Howard’s  in his latest Web Log.  This looks to be very interesting.

0

Plumbers@Work PodCasting

It is now live, a new site dedicated to the podcasting of .NET topics.  Three fellow Canadian geeks, John Bristowe, Bil Simser, James Kovacs and I will be podcasting on Windows development, .NET Development, SharePoint, Security for Developers as well as SQL Server 2005 for Developers.  And I would not doubt from time to time that will…

1