Chapter Nine. ASP.NET Security

Previous page
Table of content
Next page

Security is a significant element in any Web development. Positively ensuring security in Web applications is a major issue. In the present Internet world more real-time Web applications offer their information across Internet and private networks. Even though this widespread connectivity offers better advantages, it also increases the security risks. Web applications that entail sensitive information have to be protected from malicious attacks. That's why Microsoft became aware of these serious security problems in the present environment and engages in Trustworthy Computing. [1] The ASP.NET page framework provides a multilayered , complete set of security features that leverage from the built-in .NET Framework. ASP.NET provides authorization, authentication, impersonation, and delegation techniques that you can employ to enrich Web application and server security.

[1] For more information on Trustworthy Computing visit http://www.microsoft.com/security/whitepapers/secure_platform.asp and http://www.microsoft.com/presspass/ exec / craig /10-02trustworthywp.asp.

ASP.NET works in concurrence with IIS [2] to provide authentication and authorization services to Web applications. With Microsoft .NET Framework and IIS, ASP.NET offers better Web application security. The ASP.NET application developer can access all the built-in security features available in the .NET Framework, such as CAS and role-based user -access security, as the ASP.NET is a component of the Microsoft .NET Framework.

[2] IIS (Internet Information Server), Microsoft's Web server, plays a vital role in providing a solution to security issues. IIS security is available even when ASP.NET security is not present.

In this chapter we first look at the ASP.NET security mechanisms, such as ASP.NET Authentication, ASP.NET Authorization, [3] and ASP.NET Impersonation. We explore the security section of the configuration file in detail. ASP.NET authentication is put into practice with the assistance of authentication providers, such as Forms authentication, Passport authentication, and Windows authentication. Then, we drill down on some of the important classes needed for ASP.NET security features. We also look at programming examples that demonstrate how to use these techniques in ASP.NET applications.

[3] In ASP.NET, authorization is implemented by two primary ways: File authorization and URL authorization .


Previous page
Table of content
Next page
.NET Security and Cryptography
.NET Security and Cryptography
ISBN: 013100851X
EAN: 2147483647
Year: 2003
Pages: 126
Authors: Peter Thorsteinson, G. Gnana Arun Ganesh
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
Metrics and Models in Software Quality Engineering (2nd Edition)
Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network
Ruby Cookbook (Cookbooks (OReilly))
.NET System Management Services
Python Programming for the Absolute Beginner, 3rd Edition
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy