In Chapter 18, you learned how to implement many pieces of the puzzle that is web development. Now, you put it all together to build the foundation for a secure public web site. You create a skeleton web site in this chapter, with security that is ready for content. Although you won't be writing any Visual Basic code, you end up with a consistent look and feel and role-based forms authentication. You will be amazed at the ease of creation and the flexibility built into ASP.NET.
In this chapter, you will:
Have an overview of the two most popular methods of web site security
Learn about the Web Site Administration Tool
Implement web site security using forms authentication
Add rules and roles to a security scheme
Create a secure web site with little or no code written
Error handling has been omitted from all of the Try It Outs in this chapter to save space. You should always add the appropriate error handling to your code. Review Chapter 9 for error-handling techniques.
As you design web applications, you need to consider security at an early point in the project. Always understand who will have access to your site and who will not. In many cases, parts of the site will be open to the public and parts will be secure and for members only. This may require multiple methods of security. There are two standard types of web authentication strategies: windows and forms authentication.
The simplest type of authentication is windows ...