|Table of Contents|
|Part I -
|Part II -
|Part III -
|Part IV -
The .NET Framework offers new, more effective ways to secure your Web and LAN-based applications. Sybex’s .NET Development Security Solutions uses detailed, code-intensive examples—lots of them—to teach you the right techniques for most scenarios you’re likely to encounter. This is not an introduction to security; it’s an advanced cookbook that shows experienced programmers how to meet tough security challenges:
Uniting this instruction is a coherent, cohesive mindset that will help you take the human factor into account at every step. You’ll become technically proficient with all the tools at your disposal—and, at the same time, you’ll learn to make your solutions more powerful by crafting them in ways that dovetail with users’ needs—and foibles—and anticipate cracker exploits.
About the Author
John Paul Mueller is a freelance author and technical editor who has produced 60 books and over 200 articles. John has provided technical editing services to both Data Based Advisor and Coast Compute magazines. He has also contributed articles to magazines such as InformIT, SQL Server Professional, Visual C++ Developer and Visual Basic Developer. He is the editor of the .NET electronic newsletter for Pinnacle Publishing.
.NET Development Security Solutions
John Paul Mueller
San Francisco • London
Associate Publisher: Joel Fugazzotto
Acquisitions and Developmental Editor: Tom Cirtin
Production Editor: Leslie E.H. Light
Technical Editor: David M. Clark
Copyeditor: Cheryl Hauser
Compositor: Scott Benoit
Proofreaders: Emily Hsuan, Monique van den Berg, Eric Lach, Nancy Riddiough
Indexer: Lynnzee Elze
Cover Designer: Caryl Gorska/Gorska Design
Cover Illustrator/Photographer: Glen Allison/PhotoDisc
Copyright © 2003 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. No part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and written permission of the publisher.
Library of Congress Card Number: 2003107709
SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other countries.
Transcend Technique is a trademark of SYBEX Inc.
Screen reproductions produced with Paintshop Pro.
Internet screen shot(s) using Microsoft Internet Explorer reprinted by permission from Microsoft Corporation.
TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms by following the capitalization style used by the manufacturer.
The author and publisher have made their best efforts to prepare this book, and the content is based upon final release software whenever possible. Portions of the manuscript may be based upon pre-release versions supplied by software manufacturer(s). The author and the publisher make no representation or warranties of any kind with regard to the completeness or accuracy of the contents herein and accept no liability of any kind including but not limited to performance, merchantability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged to be caused directly or indirectly from this book.
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
With loving thoughts of my wife of 23 years on the occasion of our anniversary.
Thanks to my wife, Rebecca, for working with me to get this book completed. I really don’t know what I would have done without her help in researching and compiling some of the information that appears in this book. She also did a fine job of proofreading my rough draft and the final result.
David Clark deserves thanks for his technical edit of this book. He greatly added to the accuracy and depth of the material you see here. David also contributed a number of great URLs and interesting ideas. His attention to detail is especially appreciated in a book of this type.
Matt Wagner, my agent, deserves credit for helping me get the contract in the first place and taking care of all the details that most authors don’t really consider. I always appreciate his help. It’s good to know that someone wants to help.
Finally, I would like to thank Tom Cirtin, Leslie Light, Cheryl Hauser, Scott Benoit, and the rest of the editorial and production staff at Sybex for their assistance in bringing this book to print. It’s always nice to work with such a great group of professionals.
About the Author
John Mueller is a freelance author and technical editor. He has writing in his blood, having produced 60 books and over 200 articles to date. The topics range from networking to artificial intelligence and from database management to heads down programming. Some of his current books include several C# developer guides, an accessible programming guide, a book on Web Matrix, and several Windows XP user guides. His technical editing skills have helped over 32 authors refine the content of their manuscripts. John has provided technical editing services to both Data Based Advisor and Coast Compute magazines. He’s also contributed articles to magazines like SQL Server Professional, Visual C++ Developer, and Visual Basic Developer. He’s currently the editor of the .NET electronic newsletter for Pinnacle Publishing (http://www.freeenewsletters.com/).
When John isn’t working at the computer, you can find him in his workshop. He’s an avid woodworker and candle maker. On any given afternoon, you can find him working at a lathe or putting the finishing touches on a bookcase. One of his newest craft projects is glycerin soap making, which comes in pretty handy for gift baskets. You can reach John on the Internet at JMueller@mwt.net. John is also setting up a Web site at: http://www.mwt.net/~jmueller/. Feel free to take a look and make suggestions on how he can improve it. One of his current projects is creating book FAQ sheets that should help you find the book information you need much faster.