Professional ASP.NET 3.5 security, membership, and role management with C# and VB
معرفی کتاب «Professional ASP.NET 3.5 security, membership, and role management with C# and VB» نوشتهٔ Bilal Haidar; Stefan Schackow، منتشرشده توسط نشر Wrox / Wiley Pub در سال 2009. این کتاب در 20 صفحه، فرمت pdf، زبان انگلیسی ارائه شده است.
This book is intended for developers who are already familiar with and have a solid understanding of ASP.NET 1.1 and ASP.NET 2.0 security concepts, especially in the areas of forms authentication, page security, and website authorization. It assumes that you have a good understanding of the general functionality of Membership and Role Manager. It is also assumes that you have some familiarity working with ASP.NET AJAX 3.5. The book aims to “peel back the covers” of various ASP.NET security features so you can gain a deeper understanding of the security options available to you. Explaining the new IIS 7.0 and its Integrated mode of execution is also included in the book. This book was written using the.NET 3.5 Framework along with the.NET Framework SPI on both Windows Sever 2008 and Windows Vista. The sample code in the book has been verified to work with.NET 3.5 Framework and.NET 3.5 Framework SPI on Windows Vista. To run all of the samples in the book you will need the following: Windows Server 2008 or Windows Vista Internet Information Services 7.0 (IIS 7.0) Visual Studio 2008 RTM Either SQL Server 2000 or SQL Server 2005 A Window's Sever 2008 domain running at Windows Server 2008 functional level This book covers many topics and areas in ASP.NET 2.0 and ASP.NET 3.5. It first introduces Internet Information Services 7.0 (IIS 7.0). It goes on to explain in detail the new IIS 7.0 Integrated mode of execution. Next, detailed coverage of how security is applied when the ASP.NET application starts up and when a request is processed in the newly introduced integrated request-processing pipeline is discussed. After this, the book branches out and begins to cover security information for features such as trust levels, forms authentication, page security, and session state. This will show you how you can benefit from the IIS 7.0 Integrated mode to make better use of ASP.NET features. You will also gain an understanding of the lesser known security features in ASP.NET 2.0 and ASP.NET 3.5. In chapter 10 the book changes direction and addresses two security services in ASP.NET 2.0 and ASP.NET 3.5: Membership and Role Manager. You will learn about the provider model that underlies each of these features. The internals of the feature are also discussed, as well as the SQL- and Active Directory-based providers included with them. The discussion of ASP.NET features is continued in chapter 17, which is dedicated to the ASP.NET AJAX 3.5 security integration with ASP.NET 3.5; it will also show how to authenticate and authorize users with JavaScript code written from the client-side. The book closes with a chapter about the best practices ASP.Net developers should follow to protect their applications from attack. Chapter 1 starts by refreshing ideas on application pools and worker processes. It later gets into the major components that make up IIS 7.0. Chapter 2 begins by introducing the advantages of the IIS 7.0 and ASP.NET integrated mode. Chapter 3 gives you a walkthrough of the security processing that both IIS 7.0 and ASP.NET perform in the integrated/unified request-processing pipeline. Chapter 4 defines what an ASP.NET trust level is and how ASP.NET trust levels work to provide secure environments for running web applications. Chapter 5 covers the security features in the 2.0 and 3.5 Frameworks'configuration systems. Chapter 6 explains ASP.NET 2.0 and ASP.NET 3.5 features for forms authentication. Chapter 7 demonstrates using IIS 7.0 wildcard mappings and ASP.NET 2.0 and ASP.NET 3.5 support for wildcard mappings to share authentication and authorization information with Classic ASP applications. Chapter 8 covers security features and guidance for session state. Chapter 9 describes some lesser known page security features from ASP.NET 1.1 and describes how ASP.NET 2.0 and ASP.NET 3.5 options for securing viewstate and postback events. Chapt "ASP.NET security covers concepts such as Web security, developing in partial trust, forms authentication, and securing configuration - just to name a few - all integral components to helping developers ensure reliable security. Addressing the ASRNET developer's security view, this book offers detailed information on every major area of ASP.NET security that you'll encounter when developing Web applications. The book covers security in ASP.NET in general and includes the new additions and changes in ASP.NET 3.5." "Microsoft MVP Bilal Haldar covers the security highlights and new features of Internet Information Services (IIS) 7.0, and offers a detailed look at the request lifecycle, as well as clear explanations of AJAX authentication and authorization. You'll explore ASP.NET Session State, Membership, and Role Management so you will have a solid ability to develop secure and robust Web sites with ASP.NET 3.5 in VB or C# code." --Book Jacket As the only book to address ASP.NET 3.5, AJAX, and IIS 7 security from the developer's point of view, this book begins with a look at the new features of IIS 7.0 and then goes on to focus on IIS 7.0 and ASP.NET 3.5 integration. You'll walk through a detailed explanation of the request life cycle for an ASP.NET application running on IIS 7.0 under the classic mode, from the moment it enters IIS 7.0 until ASP.NET generates a corresponding response.
دانلود کتاب Professional ASP.NET 3.5 security, membership, and role management with C# and VB