Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB
by Bilal Haidar, Stefan Schackow
Chapter 4. A Matter of Trust
The topics discussed so far have centered on various pieces of security information: encryption key material, security identities, authentication and authorization, and so on. They dealt with security decisions that were tied to some concept of identity. The security identity may have been that of the browser user, or it may have been the identity of the running process.
A different aspect of ASP.NET security uses the .NET Framework code access security (CAS) functionality to secure the code that runs in an ASP.NET site. Although the concept of code having its own set of rights has been around since the first version of the .NET Framework, more often than not the actual use of CAS by developers has been limited. In large part, this has been due to the complexities of understanding just what CAS is as well as how to effectively use CAS with your code.
ASP.NET 1.1 substantially reduced the learning curve with CAS by introducing the concept of ASP.NET trust levels. In essence, an ASP.NET trust level defines the set of rights that you are willing to grant to an application's code. This chapter thoroughly reviews the concept of ASP.NET trust levels, as well as new features in ASP.NET 3.5 around enforcement of trust levels that have not changed since ASP.NET 2.0.
You will learn about the following areas of ASP.NET trust levels:
Configuring and working with ASP.NET trust levels.
What an ASP.NET trust level looks like.
How a trust level definition actually works. ...