Catálogo de publicaciones - libros

Security in web applications is very important, because of the exposure to the entire Web (of hackers!). In this Chapter, we looked at some general security concepts, as well as modern role-based security.

We examined the various authentication options available in ASP.NET, and provided some guidance that should allow you to choose among them. We discussed application configuration files in the context of security settings, and we used authentication and authorization to secure an application. We also used custom authentication to meet application requirements, showing the level of extensibility available in the general security infrastructure.

In order to describe the close relationship between IIS and ASP.NET, we provided an overview of the modular and extensible architecture that exists to process web requests, and how the various authentication options are implemented internally, as well as their interaction with the main web application.

Now our Friends Reunion application has become much more secure, through the use of the concepts you’ve learned in this Chapter. However, we certainly haven’t covered every possible security-related feature available in .NET, as that is a subject for a whole book. As noted earlier, one such book is , which can also be downloaded as a PDF from www.microsoft.com/practices.

Security in web applications is very important, because of the exposure to the entire Web (of hackers!). In this Chapter, we looked at some general security concepts, as well as modern role-based security.

We examined the various authentication options available in ASP.NET, and provided some guidance that should allow you to choose among them. We discussed application configuration files in the context of security settings, and we used authentication and authorization to secure an application. We also used custom authentication to meet application requirements, showing the level of extensibility available in the general security infrastructure.

In order to describe the close relationship between IIS and ASP.NET, we provided an overview of the modular and extensible architecture that exists to process web requests, and how the various authentication options are implemented internally, as well as their interaction with the main web application.

Now our Friends Reunion application has become much more secure, through the use of the concepts you’ve learned in this Chapter. However, we certainly haven’t covered every possible security-related feature available in .NET, as that is a subject for a whole book. As noted earlier, one such book is , which can also be downloaded as a PDF from www.microsoft.com/practices.

Data access is essential for all but the most trivial web applications. However, the data-access code itself should not hinder a programmer’s productivity. Easy and intuitive data facilities are crucial in any good development environment, and VS .NET, together with ADO.NET, fulfills both requirements. In this Chapter, we looked at ADO.NET components and how they interact with the IDE to enhance our experience. You saw that VS .NET includes some powerful wizards and design-time advantages that have not previously been seen in a Microsoft IDE.

Components and data binding make the process of displaying and editing data a breeze. You learned how it works with simple controls, as well as with the more advanced DataGrid and DataList controls. You saw how the incredibly versatile templates can be used to achieve some real-world goals. Our Friends Reunion sample application became much more useful, and it’s a good example of the possibilities of the new platform.

In the next Chapter, you will learn about the importance of state in web applications, and you’ll find out how ASP.NET overcomes the stateless nature of the HTTP protocol through its impressive state management features.