Securing ASP.Net Applications
(Page 1 of 4 )
Security is vital, especially for applications that are used over the Internet. For anything that requires a user to log in, you must be able to ascertain that the user is who he says he is, and is permitted to access the areas he is trying to access. This article explains how to deal with security and authentication issues in ASP.Net applications.
Security is the key that not only keeps sensitive data and information locked away from prying eyes, but also enables access to the data discreetly. When the topic of discussion is security, web applications happen to take the spotlight. This truth is evident from the fact that both J2EE and .Net has security features as their core functionality, not as a peripheral function, which was the case until about five to six years ago.
Microsoft, understanding the worries surrounding the security of web applications, has come out with a security model that includes both the existing window’s ACL model and the new Code Access Security (CAS) model. While the CAS model is more used with the stand alone applications, the ACL model, along with the declarative approach, is more suitable for web-based applications. In other words, the approach for ASP.Net is declarative security.
In this article, we will discuss how to put this aspect of ASP.Net to work so that security can be provided without delving into code too much. But before going into the details, it is imperative to understand the terms that recur most in the ASP.Net security model. Hence the first section introduces these terms. Then authentication modes and their configuration will be detailed in the second section. In the last section, I will pull it all together for an example that will explain how code and the declarative approach work together in securing an ASP.Net application.
Next: Impersonation, Delegation and Roles: Understanding the Terminology >>
More ASP.NET Articles
More By A.P.Rajshekhar
/ 10 
