Shulou(Shulou.com)06/02 Report--

This article mainly explains "how to use IIS and Forms authentication to build a secure ASP.NET application", the explanation in the article is simple and clear, easy to learn and understand, please follow the idea of Xiaobian slowly in-depth, together to study and learn "how to use IIS and Forms authentication to build a secure ASP.NET application" bar!

ASP.NET security is a very important aspect of Web applications, it involves a wide range of content

This paper describes the implementation of ASP.NET 1.1 and ASP.NET 2.0 on Forms authentication, and what improvements or changes ASP.NET 2.0 has compared with the previous version. I believe that readers have read many similar articles, whether online or in some professional books, and recently there are patterns & practices group members published WCF security model guide, visible building site security is always outdated topic, the author thinks this article is definitely your collection of reference materials.

How ASP.NET Security Works

Websites have a common security requirement: certain pages are only accessible to certain members or other authenticated users. Take full advantage of Forms authentication is the *** way.

authentication

ASP.NET 1.1 and ASP.NET 2.0 security models are consistent in terms of implementation mechanism. After configuring the site for Forms authentication mode and the user visits the URL of the site, the Forms authentication system redirects unauthenticated requests to the specified login page. The user enters credentials (username password) and submits the page. If the authenticator verifies that the user's identity is legitimate, the system issues a specific Cookie (Cookie free mode is not supported in. NET 1.1) to the client that represents the user's authentication ticket. In this way, the client browser sends the Cookie to the server along with subsequent requests, and if the Cookie is valid, the user authenticates and allows access to the originally requested resource.

authorized

If the user's request is authenticated, but the URL he requested is allowed, authorization is used. Friendships can be made through application profiles or code can be used in the program to verify that the user is eligible to access the resource. If authorization fails, ASP.NET redirects the user to the login page. If the user is authorized, the user is allowed access to protected resources.

ASP.NET 1.1 implementation

ASP.NET 1.1 implementation is very simple, but we still need to write some code, below we will step by step implementation. Please refer to the MSDN documentation for a detailed description of the Application Configuration section.

authentication>

authorization>

system.web>

authorization>

system.web>

location>

configuration>

Thank you for reading, the above is "how to use IIS and Forms authentication to build a secure ASP.NET application" content, after learning this article, I believe that we have a deeper understanding of how to use IIS and Forms authentication to build a secure ASP.NET application, the specific use of the situation also needs to be verified. Here is, Xiaobian will push more articles related to knowledge points for everyone, welcome to pay attention!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.