Security and User Authentication
13
The issue of security is important in many facets of information technology, but
it’s especially relevant in web development. While you’ll want to make sure that
your web site users are able to go where they need to go and see what they’re al-
lowed to see, you’ll also want to prevent unauthorized and malicious users from
getting into your system.
One common approach is to have visitors to your site log in before they can view
certain pages; another is to ensure that restricted pages cannot be accessed simply
by typing in the appropriate URLs, unless the user has been specifically allowed
to view those pages. Although different solutions exist for the various applications
you may create—for instance, IIS could provide certain pages to users who have
been authenticated by Windows within an intranet environment—this chapter
focuses on the more straightforward tasks of form- and script-based authentication.
In this chapter, we’ll learn some simple coding techniques and discover just how
easy it is to secure your web applications using ASP.NET. As with many other
chapters, this one contains many goodies that will be new to existing ASP.NET
1.0 and 1.1 programmers, because ASP.NET 2.0 delivers new techniques for
securing your web applications.
Security is a huge topic, and several books have been written on the subject. If
you’re serious about developing secure complex applications, we recommend that
you check out some additional resources, such as Professional ASP.NET 2.0 Security,
Get Build Your Own ASP.NET 2.0 Web Site Using C# & VB, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
