Professional ASP.NET 3.5 security, membership, and role management with C# and VB
This book is intended for developers who are already familiar with and have a solid understanding of ASP.NET 1.1 and ASP.NET 2.0 security concepts, especially in the areas of forms authentication, page security, and website authorization. It assumes that you have a good understanding of the general...
| Autor principal: | |
|---|---|
| Otros Autores: | |
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Indianapolis, IN :
Wiley Pub
2008.
|
| Edición: | 1st edition |
| Colección: | Wrox professional guides
|
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627617606719 |
Tabla de Contenidos:
- ASP.NET 3.5 Security, Membership, and Role Management with C# and VB; About the Author; About the Previous Author; Credits; Acknowledgments; Contents; Introduction; Who This Book Is For; What This Book Covers; What You Need to Use This Book; Conventions; Source Code; Errata; p2p. wrox. com; Chapter 1: Introducing IIS 7.0; Overview of IIS 7.0; Application Pools; IIS 7.0 Components; IIS 7.0 Modules; Summary; Chapter 2: IIS 7.0 and ASP.NET Integrated Mode; Advantages of IIS 7.0 and ASP.NET Integrated Mode; IIS 7.0 Integrated Mode Architecture; Summary
- Chapter 3: HTTP Request Processing in IIS 7.0 Integrated ModelBuilt-in IUSR Account and IIS_ IUSRS Group; Integrated Mode Per-Request Security; The Unified Processing Pipeline; Summary; Chapter 4: A Matter of Trust; What Is an ASP.NET Trust Level?; Summary; Chapter 5: Configuration System Security; Using the Element; Using the lockAttributes; Managing IIS 7.0 Configuration versus ASP.NET Configuration; Extending IIS 7.0 with Managed Modules and Handlers; Managing the Native versus Managed Configuration Systems; IIS 7.0 Feature Delegation; Reading and Writing Configuration
- Using Configuration in Partial TrustProtected Configuration; Summary; Chapter 6: Forms Authentication; A Quick Recap of Forms Authentication; Understanding Persistent Tickets; Securing the Ticket on the Wire; Setting Cookie-Specific Security Options; Using Cookieless Forms Authentication; Configuring Forms Authentication Inside IIS 7.0; Sharing Tickets between 1.1 and 2.0/3.5; Using Forms Authentication Across Different Content Types; Leveraging the UserData Property; Passing Tickets Across Applications; Enforcing Single Logons and Logouts; Summary
- Chapter 7: Integrating ASP.NET Security with Classic ASPIIS 5 ISAPI Extension Behavior; IIS 7.0 Wildcard Mappings; DefaultHttpHandler; Using the DefaultHttpHandler; Serving Classic ASP in IIS 7.0 Integration Mode; Authenticating Classic ASP with ASP.NET; Authenticating Classic ASP with IIS 7.0 Integrated Mode; Authorizing Classic ASP with ASP.NET; Authorizing Classic ASP with IIS 7.0 Integrated Mode; Summary; Chapter 8: Session State; Does Session State Equal Logon Session?; Session Data Partitioning; Cookie-Based Sessions; Cookieless Sessions; Configuring Session State Inside IIS 7.0
- Session State for Applications Running in IIS 7.0 Integrated ModeSession ID Reuse and Expired Sessions; Session ID Denial-of-Service Attacks; Trust Levels and Session State; Database Security for SQL Session State; Security Options for the OOP State Server; Summary; Chapter 9: Security for Pages and Compilation; Request Validation and Viewstate Protection; Page Compilation; Fraudulent Postbacks; Site Navigation Security; Summary; Chapter 10: The Provider Model; Why Have Providers?; Patterns Found in the Provider Model; Core Provider Classes; Building a Provider-Based Feature; Summary
- Chapter 11: Membership
