comments (not for humans)
There has been a lot of fuzz about padding oracle attacks lately. ASP.NET was vulnerable and Apache MyFaces too (and other JSF implementations?).
[...]
I guess this happens to lots of people because I found a lot of writing about it after searching google, but I didn't find any solution I could fully use. So I created a version that should work in most cases.
[...]
There are several ways to implement XSRF protection. In this implementation I'll use a combination of Viewstate and session to check the validity of a request.
[...]
I just read an article on cookies in regular ASP, which explains some of the concerns related to session cookies. In this post I'll explain how this works in ASP.NET.
[...]
This entry will explain the steps you need to take, to use ADAM for both roles and membership in ASP.NET 2.0 and authorization manager.
[...]
Making Active Directory Application Mode (ADAM) work with ASP.NET 2.0 in Visual Studio 2005 can be quite a hassle. This post is a step by step guide to successfully creating and using an ADAM instance with ASP.NET 2.0 without the need to install SSL-certificates.
[...]