Introduction
This book covers security topics on a wide range of areas in ASP.NET 2.0 and ASP.NET 3.5. It starts with an introduction to Internet Information Services 7.0 (IIS 7.0) and then explains in detail the new IIS 7.0 Integrated mode of execution. Next is detailed coverage of how security is applied when an ASP.NET application starts up and when a request is processed in the newly introduced integrated request-processing pipeline. The book then branches out to cover security information for features such as trust levels, forms authentication, session state, page security, and configuration system security. You will also see how you can benefit from the IIS 7.0 Integrated mode to make use of ASP.NET features to handle non-managed or native requests such as classic ASP due to the fact that ASP.NET and IIS 7.0 join efforts to form an integrated request-processing pipeline to handle requests. Over the course of these topics, you will gain a solid understanding of many of the less publicized security features in ASP.NET 2.0 and ASP.NET 3.5.
The book switches gears in Chapter 10 to address two security services in ASP.NET 2.0 and ASP.NET 3.5: Membership and Role Manager. You start out learning about the provider model that underlies both of these features. Then you get a detailed look at the internals of both features, as well as the SQL- and Active Directory-based providers included with them. After reading through these topics, you will have a thorough background on how you ...
Get Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.