Chapter 11. ASP.NET authentication and authorization
- Authentication and authorization in ASP.NET
- FormsAuthentication and WindowsAuthentication
- The Membership and Roles APIs
- Building custom providers for the Membership and Roles APIs
The previous chapter was about code security and common threats in web applications. At this point, you have a clear understanding of what security is and how to avoid problems by analyzing user input. Now it’s time to talk about two important and somewhat related topics—authentication and authorization.
ASP.NET has great flexibility in terms of authentication and authorization, which let you control access to web resources based on a different matrix of permissions by ...