Summary
Security in web applications is very important, because of the exposure to the entire Web (of hackers!). In this chapter, we looked at some general security concepts, as well as modern role-based security.
We examined the various authentication options available in ASP.NET, and provided some guidance that should allow you to choose among them. We discussed application configuration files in the context of security settings, and we used authentication and authorization to secure an application. We also used custom authentication to meet application requirements, showing the level of extensibility available in the general security infrastructure.
To describe the close relationship between IIS and ASP.NET, we provided an overview of the modular and extensible architecture that exists to process web requests, and of how the various authentication options are implemented internally and interact with the main web application.
Now our Friends Reunion application has become much more secure, through the use of the concepts you’ve learned in this chapter. However, we certainly haven’t covered every possible security-related feature available in .NET, as that is a subject for a whole book. As noted earlier, one such book is Building Secure Microsoft ASP.NET Applications, which can also be downloaded as a PDF from www.microsoft.com/practices.
Copyright information
© 2005 Daniel Cazzulino, Victor Garcia Aprea, James Greenwood, Chris Hart
About this chapter
Cite this chapter
(2005). ASP.NET Authentication, Authorization, and Security. In: Beginning Visual Web Programming in VB .NET. Apress. https://doi.org/10.1007/978-1-4302-0012-3_10
DOI: https://doi.org/10.1007/978-1-4302-0012-3_10
Publisher Name: Apress
Print ISBN: 978-1-59059-359-2
Online ISBN: 978-1-4302-0012-3
eBook Packages: Professional and Applied Computing; Apress Access Books; Professional and Applied Computing (R0)