Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint

Conclusion

There are three layers of security wrapped around ASP.NET applications: the IIS layer, the ASP.NET worker process layer, and the application layer. As a developer, you can configure parameters in the first two levels, but you are totally responsible for planning and implementing the third one. Forms authentication is the most reasonable approach to protecting pages from unauthorized access in an Internet-exposed application. The most reasonable approach for an intranet application is integrated Windows authentication. Although it’s not perfect, Forms authentication is broadly used because it is simple to understand and functional. In ASP.NET 2.0 and newer versions, Forms authentication is partnered with the membership API.

The membership API doesn’t change the way in which Forms authentication works, it simply adds new and powerful tools for developers. If you’re writing a new ASP.NET application, there’s no reason for not implementing authentication through the membership API and its auxiliary classes and server controls. If you’re migrating an existing application, you should try to embrace the newest API by refactoring your code to make it fully reusable.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint