Professional Documents
Culture Documents
Securing A Web Application
Securing A Web Application
Module Overview
Configuring Authentication Configuring ASP.NET Membership Managing Authorization by Using ASP.NET Roles
IIS Authentication
Basic authentication
Anonymous access
IIS authentication
Digest authentication
Configuring Anonymous authentication Configuring Basic authentication Configuring Digest authentication Configuring Windows authentication
Notes Page Over-flow Slide. Do Not Print Slide. See Notes pane.
authentication engine
cookie (if the cookie is not found, the user is not authenticated) Web.config file
Set Windows and Forms authentication using the Using the Login page, enable the user to enter the
Membership
enablePasswordReset, and other options related to the Membership API Forms in the Web.config file for membership
Configure Forms authentication by setting the mode to Use the ASP.NET configuration tool to set up user accounts
Site Administration Tool, or by manually editing the Web.config file can choose the providers for the application
By opening the configuration in the browser, the developer The updates performed by the ASP.NET Web Site
Create a user
Notes Page Over-flow Slide. Do Not Print Slide. See Notes pane.
membership providers enabled in ASP.NET web application Web.config file Web.config file
PasswordRecovery Control
The PasswordRecovery control helps the user to retrieve
Clear text passwords are sent to a specified email address The email address can be specified in the Web.config file
and files, allowing you to prevent access by unauthorized users and by manually adding them in the Web.config file
Open solution
Enable roles
Notes Page Over-flow Slide. Do Not Print Slide. See Notes pane.
unauthorized resources
Set up access rules by manually editing the Web.config file Use Roles API to set up access rules
application
Used heavily in corporate intranet-based applications Can be set up by specifying windows as the
Logon information
Lab Scenario
Lab Review
How is the ASP.NET Web Site Administration Tool
accessed?