WHAT'S IN THIS CHAPTER?
Understanding authentication and authorization
Working with ASP.NET authentication types
Exposing ASP.NET application services to Silverlight
Security is a very wide-reaching term. This chapter does not cover each and every thing you can do to build secure applications because this material is covered throughout the entire book. Coding for secure applications is something you should do with every line of code that you write. During every step of the application-building process, you must, without a doubt, be aware of how mischievous end users might attempt to bypass your lockout measures. You must take steps to ensure that no one can take over the application or gain access to its resources. Whether it involves working with basic server controls or accessing databases, you should be thinking through the level of security you want to employ to protect yourself.
This chapter takes a look at security from the standpoint of how you can establish access rules for your Silverlight applications, who can access them, and how to really tell who the user is. Also, this chapter looks at other security aspects in dealing with cryptography and the Security APIs at your disposal. Out-of-browser applications are covered in Chapter 9.
One of the more important aspects of security is in how your applications deal with the end users who come to it. Not every view that you build with Silverlight is meant to be open and accessible to everyone ...