http://blogs.runatserver.com/dsevigny/default.aspxMy Girl Friend, My Twins and....ASP.NET / AJAXenCommunityServer 2007.1 (Build: 20917.1142)http://blogs.runatserver.com/dsevigny/archive/2009/01/12/silverlight-wishes-card.aspxMon, 12 Jan 2009 13:49:00 GMTea6c9293-c621-4a68-aeb8-5da5e5cb41f8:434Dominic Sévigny0This year at RunAtServer Consulting we made our wishes card with Silverlight and DeepZoom! Click the following link to explore our Silverlight Wishes card : www.runatserver.com/wishes.aspx French version here ....(<a href="http://blogs.runatserver.com/dsevigny/archive/2009/01/12/silverlight-wishes-card.aspx">read more</a>)<img src="http://blogs.runatserver.com/aggbug.aspx?PostID=434" width="1" height="1">SilverlightWisheshttp://blogs.runatserver.com/dsevigny/archive/2009/01/08/silverlight-2-training-in-paris.aspxThu, 08 Jan 2009 13:20:00 GMTea6c9293-c621-4a68-aeb8-5da5e5cb41f8:429Dominic Sévigny0RunAtServer Consulting is proud to bring the Silverlight Tour to Paris, France. On January 19th to January 21st, the Silverlight Tour will stop to Paris, France. For registration, you can go to the following web site: http://www.octo.com/com/com_formation...(<a href="http://blogs.runatserver.com/dsevigny/archive/2009/01/08/silverlight-2-training-in-paris.aspx">read more</a>)<img src="http://blogs.runatserver.com/aggbug.aspx?PostID=429" width="1" height="1">ASP.NETVisual StudioSilverlightExpression BlendTraininghttp://blogs.runatserver.com/dsevigny/archive/2008/01/04/token-cache-with-asp-net-and-basic-authentication.aspxFri, 04 Jan 2008 20:05:00 GMTea6c9293-c621-4a68-aeb8-5da5e5cb41f8:331Dominic Sévigny 0If you develop an ASP.NET application that use Basic Authentication , take care to be sure to change the registry on your staging IIS server. What? Yes, If your application use role based security to securing your pages, adding a new security group to...(<a href="http://blogs.runatserver.com/dsevigny/archive/2008/01/04/token-cache-with-asp-net-and-basic-authentication.aspx">read more</a>)<img src="http://blogs.runatserver.com/aggbug.aspx?PostID=331" width="1" height="1">ASP.NETDevelopmentActive DirectoryIIShttp://blogs.runatserver.com/dsevigny/archive/2007/10/27/my-codecamp-montreal-2007-presentation.aspxSat, 27 Oct 2007 18:56:00 GMTea6c9293-c621-4a68-aeb8-5da5e5cb41f8:60dsevigny9<p>Today, I gave a&nbsp;presentation at CodeCamp Montreal on ASP.NET/AJAX and Visual Studio 2008. Thanks to all attendees. You can download&nbsp;below my code and my powerpoint presentation.</p> <p>&nbsp;Thanks<br />Dominic</p><img src="http://blogs.runatserver.com/aggbug.aspx?PostID=60" width="1" height="1">ASP.NETSpeakingAjaxVisual Studio.NEThttp://blogs.runatserver.com/dsevigny/archive/2007/10/16/Token-Cache-with-ASP.NET-and-Basic-Authentication.aspxTue, 16 Oct 2007 20:22:00 GMTea6c9293-c621-4a68-aeb8-5da5e5cb41f8:25dsevigny56<p>If you develop an <strong>ASP.NET</strong> application that use <strong>Basic Authentication</strong>, take care to be sure to&nbsp;change the registry on your&nbsp;staging <strong>IIS</strong> server. What?&nbsp;Yes, If your application use role based security&nbsp;to&nbsp;securing your&nbsp;pages,&nbsp;adding a new security group to a Windows domain user don&#39;t automaticaly give access to theses pages.<br /><br />Why? Because&nbsp;when you use <strong>Basic authentication</strong>, user tokens are cached in the token cache. By default, tokens remain in the cache for 15 minutes. If you log on using <strong>Basic authentication</strong> with an account that has a high level of user logon rights, a successful attacker could use the account to gain access to the resources on your computer.</p> <p>The Microsoft article : <a href="http://wwwbeta.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/cf438d2c-f9c7-4351-bf56-d2ab950d7d6e.mspx?mfr=true">http://wwwbeta.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/cf438d2c-f9c7-4351-bf56-d2ab950d7d6e.mspx?mfr=true</a></p> <p>For&nbsp;a production&nbsp;environment,&nbsp;15 minutes is&nbsp;correct but when you are&nbsp;on&nbsp;the staging&nbsp;environment it&#39;s very frustrating to wait 15 minutes between each security test. You can change the TTL by modifying a key in the registry.</p> <p>How to&nbsp;change the registry key (Search for <strong>UserTokenTTL</strong> at the bottom of the page)&nbsp;: <a href="http://wwwbeta.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/cf438d2c-f9c7-4351-bf56-d2ab950d7d6e.mspx?mfr=true">http://wwwbeta.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/cf438d2c-f9c7-4351-bf56-d2ab950d7d6e.mspx?mfr=true</a></p> <p>Thanks<br />Dominic&nbsp;</p> <p>&nbsp;</p> <p>&nbsp;</p><img src="http://blogs.runatserver.com/aggbug.aspx?PostID=25" width="1" height="1">ASP.NETDevelopmentTips and TricksActive DirectoryIIS