Security Configuration
Together, the .NET Framework and IIS manage ASP.NET security. The ASP.NET configuration file, web.config, contains a hierarchical structure of global data, of which security information is a part (see Chapter 12, “XML and SOAP”). Listing 15.1 shows an example of the security section of the web.config file.
Listing 15.1. A Sample Security Section of web.config
01: <authentication mode="[Windows/Forms/Passport/None]"> 02: <forms name="[name]" loginUrl="[url]" > 03: <credentials passwordFormat="[Clear, SHA1, MD5]"> 04: <user name="[UserName]" password="[password]"/> 05: </credentials> 06: </forms> 07: <passport redirectUrl="internal" /> 08: </authentication> 09: 10: <authorization> 11: <allow users="[comma separated list ... |
Get Programming Data-Driven Web Applications with ASP.NET now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
