Team LiB
Previous Section Next Section

Chapter 36. Securing ASP.NET Web Applications

IN BRIEF

This chapter continues the topic of security and applies it to the protection and security of ASP.NET web applications. Whether you are building a small ASP.NET application for your corporate intranet or an e-commerce application that will accept tens of thousands of transactions per day, you will at some point be faced with the questions: How do I protect my website? Ensure the privacy of my users? Protect and secure the data for my website?

This chapter will get you thinking about those questions and provide some design patterns for solving those problems as well as walk you through some sample code that shows you some of the ways in which ASP.NET and the .NET Framework can provide varying levels of security and protection for your users, your data, and your server.

WHAT YOU NEED

REQUIRED SOFTWARE

.NET Framework SDK v1.1

Visual Studio .NET 2003 with C# installed

IIS version 5+

RECOMMENDED HARDWARE

PC that meets .NET SDK minimum requirements

SKILLS REQUIRED

C# and .NET familiarity

Familiarity with ASP.NET


SECURING ASP.NET APPLICATIONS AT A GLANCE

User Security

734

  
 

Authenticating Users

735

Implementing IIdentity and IPrincipal

740

 

Authorizing Users with Roles

740

  

Data Security in ASP.NET Applications

748

  
 

Protecting Connection Strings and Web.config Data

748

Deciding When to Use SSL

751

 

Protecting User Passwords

748

Data Security with ViewState Encryption

751

Summary

752

  

Further Reading

752

  


    Team LiB
    Previous Section Next Section