Chapter 24. Introduction to Web Security
OBJECTIVES
Learn the basics of Web-related security
Use forms-based authentication
Authorize authenticated users
When you refer to security in a Web application, you're generally considering two basic issues: authenticating users (verifying that a user is someone you want to allow into your site) and authorizing users (granting rights based on the current logged-in user's identity). This chapter introduces both of these topics, providing an example based on the project you've been creating throughout the book.
NOTE
Security is a huge topic in ASP.NET, and in .NET in general. Because Microsoft has built security into every area of .NET, from code access to application deployment, full coverage of all the .NET security issues and their implications is far beyond the scope of this chapter and this book.