Chapter 11. Security

ASP.NET provides authentication and authorization services in conjunction with IIS, supporting Basic, Digest, and Windows authentication. Impersonation using client credentials is also supported on a per-request basis. Role-based security is provided in much the same way as it is with COM+, and allows customized content based on role membership. Finally, forms-based authentication allows applications to provide their own login UI and perform their own credential verification, greatly simplifying a technique already used by many Web sites.

Web Security

Security is often one of the last issues addressed by developers. It requires thinking about your applications in a different light from what you are accustomed to. As you build ...

Get Essential ASP.NET with Examples in C# now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.