O'Reilly logo

.NET Framework Security by Kevin T. Price, Rudi Martin, Matthew Lyons, Sebastian Lange, Brian A. LaMacchia

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Authentication and Authorization Without IIS

When using ASP.NET, remoting, or any technology that relies on authentication, it seems common that somewhere there will be a relational database (SQL Server 2000) that contains user information for purposes of authenticating users to a site. While this practice is somewhat understandable for those who don't want to issue a network account to every user who visits their site, probably because the site and the rest of the network are on the same subnet, it raises some security issues of its own. In fact, “issues” may not quite describe it—burning red flags of despair probably comes closer. Regardless, because ASP.NET has introduced new methods of authentication, discussed in Chapter 14, they rely on ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required