ebook img

Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB PDF

940 Pages·2008·17.693 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB

www.it-ebooks.info spine=1.872" Professional ™ Programmer to Programmer ASP.NET 3.5 Security, Membership, and Role Management Get more out of with C# and VB Professional ASP.NET 3.5 Security, Membership, and Role Management 978-0-470-37930-1 WROX.com As the first book to address ASP.NET 3.5, AJAX, and IIS 7.0 security from the developer’s point of view, this book begins with a look at the new features of IIS 7.0 and then goes on to focus on IIS 7.0 and ASP.NET 3.5 integration. You’ll walk through a detailed explanation of the request life cycle for an ASP.NET application running on IIS 7.0 under the classic mode, from the moment it enters IIS 7.0 until ASP.NET generates a corre- sponding response. Professional ASP.NET 3.5 MVC 978-0-470-38461-9 The ASP.NET 3.5 MVC Framework enables Microsoft developers to Interact Chapters on Demand create dynamic data-driven web sites. Packed with real-world examples, this authoritative guide is written by the Microsoft team behind the Take an active role online by participating in Purchase individual book chapters in pdf technology and uses a real-world sample application using MVC in order our P2P forums format to explain the tools and technologies that compliment MVC, such as SubSonic, LINQ, jQuery, and REST. Professional ASP.NET 3.5 AJAX Wrox Online Library Join the Community 978-0-470-39217-1 The ASP.NET AJAX toolkit is an excellent way to immediately start using Hundreds of our books are available online Sign up for our free monthly newsletter at AJAX features in applications in that it offers both excitement and enter- through Books24x7.com newsletter.wrox.com prise appeal to developers. Professional ASP.NET 3.5 AJAX explains how you can use these features to build amazing Web sites. Coverage of the Enhance Your Knowledge client library, the ScriptManager server control, ASP.NET AJAX applica- Wrox Blox Browse tion services and networking, databases and Web services, testing and Advance Your Career debugging, and deploying applications demonstrates how the client and Download short informational pieces and Ready for more Wrox? We have books and server need to interact in order to produce a better Web application. code to keep you up to date and out of e-books available on .NET, SQL Server, Java, Professional ASP.NET 3.5 trouble! XML, Visual Basic, C#/ C++, and much more! 978-0-470-18757-9 Professional ASP.NET 3.5 helps the experienced programmer put the latest ASP.NET technologies into action. Greatly expanded from the original best-selling Professional ASP.NET 2.0, Professional ASP.NET 3.5 covers all the key technologies retained from 2.0 in new depth alongside the hundreds of pages of coverage of the important new 3.5 features. Written by 3 of the most well- known and influential ASP.NET developers, Professional ASP.NET 3.5 is the book you’ll learn the language from and turn to day after day as you write Web applications. And as always, Professional ASP.NET 3.5 features language examples in the book and in the code download in both C# and VB. Contact Us. Beginning ASP.NET 3.5 978-0-470-18759-3 Imar Spaanjaar’s book for programmers new to ASP.NET 3.5 has been widely praised as a well-organized tome of information We always like to get feedback from our readers. Have a book idea? written by a Web developer for Web developers. Throughout the book the author works through the steps of creating an actual, Need community support? Let us know by e-mailing [email protected] fully-functional ASP.NET 3.5 Web site. Each chapter builds on skills learned in the previous sections of the book, allowing the reader to gain confidence working with ASP.NET 3.5 as they progress through the book. www.it-ebooks.info Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii Chapter 1: Introducing IIS 7.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Chapter 2: IIS 7.0 and ASP.NET Integrated Mode . . . . . . . . . . . . . . . . . . . . . 29 Chapter 3: HTTP Request Processing in IIS 7.0 Integrated Model . . . . . . . . . 79 Chapter 4: A Matter of Trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 Chapter 5: Configuration System Security. . . . . . . . . . . . . . . . . . . . . . . . . . 223 Chapter 6: Forms Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 Chapter 7: Integrating ASP.NET Security with Classic ASP . . . . . . . . . . . . . 373 Chapter 8: Session State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417 Chapter 9: Security for Pages and Compilation . . . . . . . . . . . . . . . . . . . . . . 449 Chapter 10: The Provider Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469 Chapter 11: Membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 519 Chapter 12: SqlMembershipProvider . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561 Chapter 13: ActiveDirectoryMembership Provider . . . . . . . . . . . . . . . . . . . . 639 Chapter 14: Role Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691 Chapter 15: SqlRoleProvider . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 735 Chapter 16: AuthorizationStoreRoleProvider . . . . . . . . . . . . . . . . . . . . . . . . 763 Chapter 17: Membership and Role Management in ASP.NET AJAX 3.5 . . . . . 791 Chapter 18: Best Practices for Securing ASP.NET Web Applications . . . . . . 823 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 879 www.it-ebooks.info 79301ffirs.indd 1 10/7/08 12:39:21 PM www.it-ebooks.info 79301ffirs.indd 2 10/7/08 12:39:22 PM Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB www.it-ebooks.info 79301ffirs.indd 3 10/7/08 12:39:22 PM www.it-ebooks.info 79301ffirs.indd 4 10/7/08 12:39:22 PM Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB Bilal Haidar Stefan Schackow www.it-ebooks.info 79301ffirs.indd 5 10/7/08 12:39:22 PM Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2009 by Wiley Publishing, Inc., Indianapolis, Indiana Portions based on the previous work Professional ASP.NET 2.0 Security, Membership, and Role Management, by Stefan Schackow, copyright © 2006 Stefan Schackow, published by Wiley Publishing, Inc. Published simultaneously in Canada ISBN: 978-0-470-37930-1 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 Library of Congress Cataloging-in-Publication Data Haidar, Bilal. Professional ASP.NET 3.5 security, membership, and role management with C# and VB / Bilal Haidar, Stefan Schackow. p. cm. Includes index. ISBN 978-0-470-37930-1 (paper/website) 1. Active server pages. 2. Microsoft .NET. 3. Computer security. 4. Web site development. I. Schackow, Stefan, 1970- II. Title. QA76.9.A25H344 2008 005.8—dc22 2008036129 No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, elec- tronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/ permissions. Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read. For general information on our other products and services please contact our Customer Care Department within the United States at (877) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002. Trademarks: Wiley, the Wiley logo, Wrox, the Wrox logo, Wrox Programmer to Programmer, and related trade dress are trade- marks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book. Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in elec- tronic books. www.it-ebooks.info 79301ffirs.indd 6 10/7/08 12:39:22 PM About the Author Bilal Haidar has a BE in Computer Engineering and a BS in Computer Science with a minor in Math- ematics from the Lebanese American University (LAU). He has authored several online articles for www.aspalliance.com, www.code-magazine.com, and www.aspnetpro.com, and is one of the top post- ers at the ASP.NET forums. Bilal has been a Microsoft MVP in ASP.NET since 2004, as well as a Microsoft Certified Trainer, and currently works as a senior developer for Consolidated Contractors Company (CCC), a multinational company whose headquarters are based in Athens, Greece (www.ccc.gr). Bilal runs his own blog, where he shares his technical experience and can be reached at http://www.bhaidar.net. About the Previous Author Stefan Schackow is a Program Manager on the Web Platform and Tools Team at Microsoft. During the Visual Studio 2005 cycle, he worked on the new application services stack in Visual Studio 2005 and owned the Membership, Role Manager, Profile, Personalization and Site Navigation features in ASP.NET 2.0. He also worked on features for Microsoft’s ASP.NET hosting solution. Currently, Stefan is working and speaking on Silverlight for Microsoft. He is a frequent speaker at Microsoft developer conferences. Prior to joining the ASP.NET team, Stefan worked as an application development consul- tant in Microsoft Consulting Services (MCS) with enterprise customers. www.it-ebooks.info 79301ffirs.indd 7 10/7/08 12:39:22 PM www.it-ebooks.info 79301ffirs.indd 8 10/7/08 12:39:22 PM

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.