Chapter 11. ASP.NET authentication and authorization

 

This chapter covers
  • Authentication and authorization in ASP.NET
  • FormsAuthentication and WindowsAuthentication
  • UrlAuthorization
  • The Membership and Roles APIs
  • Building custom providers for the Membership and Roles APIs

 

The previous chapter was about code security and common threats in web applications. At this point, you have a clear understanding of what security is and how to avoid problems by analyzing user input. Now it’s time to talk about two important and somewhat related topics—authentication and authorization.

ASP.NET has great flexibility in terms of authentication and authorization, which let you control access to web resources based on a different matrix of permissions by ...

Get ASP.NET 4.0 in Practice now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.