Chapter 11. Security

ASP.NET provides authentication and authorization services in conjunction with IIS, supporting Basic, Digest, and Windows authentication. Impersonation using client credentials is also supported on a per-request basis. Role-based security is provided in much the same way as it is with COM+, and allows customized content based on role membership. Finally, forms-based authentication allows applications to provide their own login UI and perform their own credential verification, greatly simplifying a technique already used by many Web sites.

Web Security

Security is often one of the last issues addressed by developers. It requires thinking about your applications in a different light from what you are accustomed to. As you build ...

Get Essential ASP.NET with Examples in C# now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.