Authorization


There are two types of authorization that you can use in your assemblies to control access to classes and class members:

  • Role-based authorization to authorize access based on user identity and role membership. When you use role-based authorization in assemblies that are part of an ASP.NET Web application or Web service, you authorize the identity that is represented by an IPrincipal object attached to the current Web request and available through Thread.CurrentPrincipal and HttpContext.Current.User. This identity is either the authenticated end user identity or the anonymous Internet user identity. For more information about using principal-based authorization in Web applications, see "Authorization" in Chapter 10, "Building Secure ASP.NET Pages and Controls."

  • Code access security to authorize calling code, based on evidence, such as an assembly's strong name or location. For more information, see the "Authorization" section in Chapter 8, "Code Access Security in Practice."
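
The role-based option above, as an added example that is not from the book: a class library that authorizes the current IPrincipal both declaratively and imperatively. It assumes the .NET Framework; AccountService, the role names and the two users are hypothetical, and the identities are constructed with GenericPrincipal on Thread.CurrentPrincipal so the code runs outside a Web host.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

// Hypothetical business class in an assembly called by a Web application.
public class AccountService
{
    // Declarative check: the runtime demands the role before the method body runs
    // and throws SecurityException if Thread.CurrentPrincipal is not in it.
    [PrincipalPermission(SecurityAction.Demand, Role = "Manager")]
    public void ApproveTransfer(decimal amount)
    {
        Console.WriteLine("Approved {0} for {1}",
            amount, Thread.CurrentPrincipal.Identity.Name);
    }

    // Imperative check: lets the method vary its behavior by role
    // and reject the anonymous identity explicitly.
    public decimal GetTransferLimit()
    {
        IPrincipal user = Thread.CurrentPrincipal;
        if (user == null || !user.Identity.IsAuthenticated)
            throw new SecurityException("Authenticated caller required.");
        return user.IsInRole("Manager") ? 100000m : 1000m;
    }
}

public static class Demo
{
    // Stands in for the principal ASP.NET attaches to each request
    // (constructed identities, for illustration only).
    static void RunAs(string name, params string[] roles)
    {
        Thread.CurrentPrincipal =
            new GenericPrincipal(new GenericIdentity(name), roles);
        AccountService svc = new AccountService();
        Console.WriteLine("{0}: limit {1}", name, svc.GetTransferLimit());
        try { svc.ApproveTransfer(500m); }
        catch (SecurityException)
        { Console.WriteLine("{0}: ApproveTransfer denied", name); }
    }

    public static void Main()
    {
        RunAs("alice", "Manager"); // in the demanded role
        RunAs("bob", "Teller");    // authenticated, but not a Manager
    }
}
```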




Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613
