Résumé
If you are building web applications or web services
with ASP.NET and you want to keep them secure, this is the
book for you.
This book will show you how to make effective use of the
security framework provided by ASP.NET. We cover the key
technologies for authentication (identifying users) and
authorization (controlling access to recources). We also
show how we can use other ASP.NET features to keep our
applications secure.
ASP.NET provides a flexible and extensible authentication
framework. We present the built in options for
authentication, discussing when they should be used and
showing how they should be applied for maximum security.
For those who have needs beyond what the standard
authentication methods provide, we show how to extend and
enhance them to create custom security systems.
Authorization is covered in depth. We show how to use the
built in authorization system to control access to the
resources that a web application exposes. We then take
things further by showing how to extend the system to
address more advanced authorization scenarios.
Good configuration is vital if our applications are to be
secure. We explain how to configure IIS and ASP.NET so that
they work together to provide good security.
Even with a good authentication and authorization system,
there are still many ways in which a web application can be
attacked. We show how we can code ASP.NET applications to
avoid the most common vulnerabilities.
Code Access Security, a good way to restrict what
operations code can perform, is introduced with examples
that show how it can be applied.
Most of the techniques presented in the rest of the book
apply just as well to web services as to browser based web
applications. We also discuss some additional techniques
particular to web services.
Who is this book for?
This book is for ASP.NET Programmers who want to learn more
about security techniques.
- Chapter 1: Building Secure Web Applications
- Chapter 2: Treating the Client with Caution
- Chapter 3: Storing Secrets
- Chapter 4: Securing Database Access
- Chapter 5: Implementing Password Policies
- Chapter 6: The ASP.NET Security Framework
- Chapter 7: Windows Authentication
- Chapter 8: .NET Passport
- Chapter 9: Forms Authentication
- Chapter 10: Extending Forms Authentication
- Chapter 11: Custom Authentication
- Chapter 12: Implementing Authorization
- Chapter 13: Code Access Security
- Chapter 14: Web Service Security
- Chapter 15: Impersonation
- Appendix A: Configuring IIS for Security
- Appendix B: ASP.NET Security Configuration
L'auteur - Collectif d'auteurs
Autres livres de Collectif d'auteurs
Caractéristiques techniques
PAPIER | |
Éditeur(s) | Wrox Press |
Auteur(s) | Collectif d'auteurs |
Parution | 28/10/2002 |
Nb. de pages | 456 |
Format | 18 x 23 |
Couverture | Broché |
Poids | 765g |
Intérieur | Noir et Blanc |
EAN13 | 9781861006202 |
Avantages Eyrolles.com
Consultez aussi
- Les meilleures ventes en Graphisme & Photo
- Les meilleures ventes en Informatique
- Les meilleures ventes en Construction
- Les meilleures ventes en Entreprise & Droit
- Les meilleures ventes en Sciences
- Les meilleures ventes en Littérature
- Les meilleures ventes en Arts & Loisirs
- Les meilleures ventes en Vie pratique
- Les meilleures ventes en Voyage et Tourisme
- Les meilleures ventes en BD et Jeunesse
- Informatique Développement d'applications Programmation .NET
- Informatique Développement d'applications Programmation .NET ADO.NET
- Informatique Développement d'applications Programmation .NET ASP.NET
- Informatique Développement d'applications Conception et développement web
- Informatique Développement d'applications Conception et développement web Serveurs web et serveurs d'application IIS
- Informatique Développement d'applications Langages ASP.NET