APPLICATION SECURITY BOOK EXCERPTS
Forms Authentication -- Chapter 5, Professional ASP.NET 2.0 Security, Membership, and Role Management
Stefan Schackow
11.06.2006
Rating: --- (out of 5)
As a registered member of SearchAppSecurity.com, you're entitled to a complimentary copy of Chapter 5 of Professional ASP.NET 2.0 Security, Membership, and Role Management written by Stefan Schackow and published by John Wiley & Sons Inc. "Chapter 5 -- Forms Authentication" explains security features that have been added to forms authentication in ASP.NET 2.0.
This chapter covers the following topics on ASP.NET 2.0 forms authentication:
- Making changes to the behavior of persistent forms authentication tickets
- Securing the forms authentication payload
- Securing forms authentication cookies with HttpOnly and requireSSL
- Using Cookieless support in forms authentication
- Using forms authentication across ASP.NET 1.1 and ASP.NET 2.0
- Leveraging the UserData property of FormsAuthenticationTicket
- Passing forms authentication tickets between applications
- Enforcing a single login and preventing replayed tickets after logout
Book description:
Experienced developers who are looking to create reliably secure sites with ASP.NET 2.0 will find that Professional ASP.NET 2.0 Security, Membership, and Role Management covers a broad range of security features including developing in partial trust, forms authentication, and securing configuration. The book offers detailed information on every major area of ASP.NET security you'll encounter when developing Web applications.
You'll see how ASP.NET 2.0 version contains many new built-in security functions compared to ASP.NET 1.x such as Membership and Role Manager, and you'll learn how you can extend or modify various features. The book begins with two chapters that walk you through the processing ASP.NET 2.0 performs during a web request and the security processing for each request, followed by a detailed explanation of ASP.NET Trust Levels.
With this understanding of security in place, you can then begin working through the following chapters on configuring system security, forms authentication, and integrating ASP.NET security with classic ASP including integrating Membership and Role Manager with classic ASP.
>> Read Chapter 5: Forms Authentication
>> Buy the book
|
|
Rate this Tip
|
To rate tips, you must be a member of SearchSoftwareQuality.com.
Register now
to start rating these tips. Log in if you are already a member.
|
 |
 |
| |
RELATED CONTENT
 |
Security Methods |
|
Fuzzing for Software Security Testing and Quality Assurance: Chapter 3, Testing for Quality
|
|
Software Security Engineering: A Guide for Project Managers -- Chapter 3, Requirements Engineering for Secure Software
|
|
Google Hacking for Penetration Testers, Volume 2: Chapter 6, Locating Exploits and Finding Targets
|
|
Ajax Security -- Chapter 6, Transparency in Ajax Applications
|
|
Fuzzing: Brute Force Vulnerability Discovery -- Chapter 12, Fuzzing Frameworks
|
|
Static Analysis as Part of the Code Review Process -- Chapter 3, Secure Programming with Static Analysis
|
|
Security Metrics: Replacing Fear, Uncertainty, and Doubt -- Chapter 3, Application Security Metrics
|
|
Securing JavaServer Faces Applications -- Chapter 15, JavaServer Faces: The Complete Reference
|
|
Hacking for Dummies -- Chapter 16, Web applications
|
|
Penetration testing techniques -- Chapter 6, Professional Pen Testing for Web Applications
|
|
DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
|
|
|
|
|
|
|
