Chapter 3. Authentication and Authorization Design

Designing an authentication and authorization strategy for distributed Web applications is a challenging task. The good news is that proper authentication and authorization design during the early phases of your application development helps to mitigate many top security risks.

This chapter will help you design an appropriate authorization strategy for your application and will also help answer the following key questions:

  • Where should I perform authorization and what mechanisms should I use?

  • What authentication mechanism should I use?

  • Should I use Active Directory® directory service for authentication or should I validate credentials against a custom data store?

  • What are the implications and design ...

Get Building Secure Microsoft® ASP.NET Applications now with the O’Reilly learning platform.
