Applying Security in ASP.NET Applications

The following sections demonstrate the basic principals behind security in ASP.NET.


The following examples detail the use of the different authentication methods of ASP.NET. Please refer to Chapter 3, “Configuring ASP.NET Applications,” for more detail on the Web.config file.

Windows Authentication

The <authentication> tag in the Web.config file (see Listing 9.1) sets your web application to use Windows authentication. This setting can be placed only in the web application’s root Web.config file and propagates across all folders in the application. Please be sure to refer to the sidebar entitled “IIS and Windows Authentication” in the beginning of this chapter to make sure your application ...

Get Inside ASP.NET now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.