Partager via

Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication

  • Article
Retired Content

This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

 

patterns & practices Developer Center

Reference Hub

J.D. Meier, Alex Mackman, Michael Dunner, and Srinath Vasireddy
Microsoft Corporation

Published: November 2002

Last Revised: January 2006

Applies to:

  • Microsoft® ASP.NET

See the "patterns & practices Security Guidance for Applications Index" for links to additional security resources.

See the Landing Page for the starting point and a complete overview of Building Secure ASP.NET Applications.

Summary: This section provides a series of reference links to articles, support roadmaps, and technology hubs that relate to the core areas covered by the Building Secure ASP.NET Applications guide. Use this section to help locate additional background reading and useful articles. (9 printed pages)

Contents

Searching the Knowledge Base
.NET Security
Active Directory
ADO.NET
ASP.NET
Enterprise Services
IIS (Internet Information Server)
Remoting
SQL Server
Visual Studio .NET
Web ServicesWindows 2000
Windows 2003

This section has a consolidated set of pointers for the following:

Searching the Knowledge Base

You can search the Microsoft Knowledge Base from two locations:

When you search the Knowledge Base, you can supplement your search with keywords to help refine the articles that appear as a result of your search.

The following example uses the support search site, but similar concepts apply when searching from the MSDN Home page.

To search the Knowledge Base from https://support.microsoft.com

  1. In the Search the Knowledge Base box, select All Microsoft Search Topics (the default selection).
  2. In the For solutions containing (optional) box, type your search criteria. You can use a combination of Knowledge Base keywords and search criteria.

The following list shows some example Knowledge Base keywords:

  • kbAspNet returns ASP.NET articles.
  • kbAspNet kbSecurity returns ASP.NET articles that discuss security issues.
  • kbAspNet impersonation returns ASP.NET articles that discuss impersonation. Note that impersonation is not a keyword; it is simply an additional search criterion, which helps to refine the search.

Tips

  • To access additional search options, click Advanced Search.
  • To make sure the search includes all of the words you enter, click All of the words entered in the Using field.
  • To limit the age of articles returned from the search, select a value from the Modified: field.
  • To show search results from more categories than the default, select categories from the Categories: field.

You may find the following Knowledge Base keywords helpful:

You can use the preceding keywords in conjunction with the following technology and product keywords:

.NET Security

Hubs

Active Directory

Hubs

Key Notes

  • Transitive trust is always available between domains in the same forest. Only "external trusts," which are not transitive, are available in separate forests in Windows 2000.
  • Active Directory installations in perimeter networks (also known as DMZ, demilitarized zones, and screened subnets) should always be in a separate forest, not just a separate domain. The forest is the security boundary. This concept is illustrated in Chapter 6: Extranet Security.
  • If you need more than 5,000 members in a group then you need either .NET Server (which supports direct group membership of arbitrary sizes) or nested groups. The Commerce Server 2000 Software Development Kit (SDK) uses nested groups. However, the SDK is not required.

Articles

ADO.NET

Roadmaps and Overviews

Seminars and WebCasts

ASP.NET

Hubs

Roadmaps and Overviews

Knowledge Base

The following keywords help retrieve ASP.NET articles:

Articles

How Tos

For more ASP.NET related How Tos, you can search using the following KB keywords:

Enterprise Services

Roadmaps and Overviews

How Tos

FAQs

Seminars and WebCasts

IIS (Internet Information Server)

Hubs

Remoting

Roadmaps and Overviews

How Tos

Seminars and WebCasts

SQL Server

Hubs

Seminars and WebCasts

Visual Studio .NET

Hubs

Roadmaps and Overviews:

Web Services

Hubs

Roadmaps and Overviews

How Tos

WebCasts and Seminars

Search Online Microsoft Events and Webcasts for:

  • How to Migrate Windows DNA Applications to .NET and XML Web Services
  • XML Web Services—Authoring, Consuming, Testing and Deploying
  • Best Practices for Building Web Services with Microsoft Visual Studio .NET
  • Advanced Web Services

Windows 2000

Hubs

Windows 2003

patterns & practices Developer Center

Retired Content

This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

© Microsoft Corporation. All rights reserved.