专业 ASP.NET 2.0 安全、成员身份与角色管理 Professional ASP.NET 2.0 Security,
点此进入淘宝搜索页搜索分類: 图书,进口原版书,科学与技术 Science & Techology ,
作者: Stefan Schackow 著
出 版 社: John Wiley & Sons
出版时间: 2006-12-1字数:版次: 1页数: 611印刷时间: 2006/01/01开本:印次:纸张: 胶版纸I S B N : 9780764596988包装: 平装内容简介
Experienced developers who are looking to create reliably secure sites with ASP.NET 2.0 will find that Professional ASP.NET 2.0 Security, Membership, and Role Management covers a broad range of security features including developing in partial trust, forms authentication, and securing configuration. The book offers detailed information on every major area of ASP.NET security you’ll encounter when developing Web applications.
You’ll see how ASP.NET 2.0 version contains many new built-in security functions compared to ASP.NET 1.x such as Membership and Role Manager, and you’ll learn how you can extend or modify various features. The book begins with two chapters that walk you through the processing ASP.NET 2.0 performs during a web request and the security processing for each request, followed by a detailed explanation of ASP.NET Trust Levels.
With this understanding of security in place, you can then begin working through the following chapters on configuring system security, forms authentication, and integrating ASP.NET security with classic ASP including integrating Membership and Role Manager with classic ASP. The chapter on session state looks at the limitations of cookieless session identifiers, methods for heading off session denial of service attacks, and how session state is affected by trust level. After the chapter explaining the provider model architecture in ASP.NET 2.0 and how it is useful for writing custom security providers you go to the MembershipProvider class and configuring the two default providers in the Membership feature, SqlMembershipProvider and ActiveDirectoryMembershipProvider. You'll see how to use RoleManager to make it easy to associate users with roles and perform checks declaratively and in code and wrap up working with three providers for RoleProvider – WindowsTokenRoleProvider, SqlRoleProvider, and AuthorizationStoreRoleProvider (to work with Authorization Manager or AzMan).
作者简介:
Stefan Schackow is a Program Manager on the Web Platform and Tools Team at Microsoft working on the new application services stack in Visual Studio 2005. He owns the Membership, Role Manager, Profile, Personalization and Site Navigation features in ASP.NET 2.0. He also works on features for Microsoft's ASP.NET hosting solution. He is a frequent speaker at Microsoft developer conferences. Prior to joining the ASP.NET team Stefan worked as an application development consultant in Microsoft Consulting Services (MCS) with enterprise customers for four years.
目录
Acknowledgments
Introduction
Chapter 1: Initial Phases of a Web Request
Chapter 2: Security Processing for Each Request
Chapter 3: A Matter of Trust
Chapter 4: Configuration System Security
Chapter 5: Forms Authentication
Chapter 6: Integrating ASP.NET Security with Classic ASP
Chapter 7: Session State
Chapter 8: Security for Pages and Compilation
Chapter 9: The Provider Model
Chapter 10: Membership
Chapter 11: SqlMembershipProvider
Chapter 12: ActiveDirectoryMembershipProvider
Chapter 13: Role Manager
Chapter 14: SqlRoleProvider
Chapter 15: AuthorizationStoreRoleProvider
Index
