Index

A

access checks., Choose an Authentication Approach (see )

accounts., Design Principles, ASP.NET Authentication Modes, More Information, ASP.NET and HttpContext.User, ASP.NET and HttpContext.User, Intranet Security, Intranet Security, Extranet Security, Internet Security, More Information, Custom Authentication, Accessing Network Resources, Using a Serviced Component, Register Serviced Components, Solution Implementation, Windows Authentication, Using Fixed Identities within ASP.NET, Connection String Types, Connection String Types, Auditing, IIS Authentication Issues, Check Identity, How To: Create a Custom Account to Run ASP.NET, Develop LDAP Authentication Code to Look Up the User in Active Directory, Requirements, Call the Managed DPAPI Class Library, How To: Use Role-based Security with Enterprise Services, Create a Custom Account for Running the Serviced Component, Create a Windows Account to Run the Service

(see also )

anonymous domain, at Web servers, More Information

anonymous Internet, Using a Serviced Component, Using Fixed Identities within ASP.NET

creating custom, for serviced component, Create a Custom Account for Running the Serviced Component

creating database for., Connection String Types (see )

default ASPNET., Intranet Security (see )

duplicate, Intranet Security, Extranet Security, Internet Security

IUSR_MACHINENAME, ASP.NET Authentication Modes, ASP.NET and HttpContext.User, IIS Authentication Issues, Check Identity

Kerberos delegation and, Requirements

least privileged, Design Principles, Custom Authentication

(see also )

mirrored, Accessing Network Resources, Windows Authentication, How To: Create a Custom Account to Run ASP.NET

SQL Server, Connection String Types, Auditing

Web services client certificates and, Solution Implementation

Windows, Call the Managed DPAPI Class Library, How To: Use Role-based Security with Enterprise Services, Create a Windows Account to Run the Service

(see also )

Windows group, More Information, Register Serviced Components, Develop LDAP Authentication Code to Look Up the User in Active Directory

ACLs., The Foundations (see )

Active Directory, Configuring the Extranet Web Server, Configuring the Extranet Web Server, Analysis, Using Forms Authentication, How To: Implement Kerberos Delegation for Windows 2000, Tips

delegation and, How To: Implement Kerberos Delegation for Windows 2000
extranet settings, Configuring the Extranet Web Server, Configuring the Extranet Web Server
Forms authentication with., Analysis (see )
reference information, Tips
SPNs, Using Forms Authentication

Active Directory, Forms Authentication with, Analysis, Analysis, Configurable Security, How To: Use Forms Authentication with Active Directory, How To: Use Forms Authentication with Active Directory, Create a Web Application with a Logon Page, Configure the Web Application for Forms Authentication, Configure the Web Application for Forms Authentication, Develop LDAP Authentication Code to Look Up the User in Active Directory, Develop LDAP Group Retrieval Code to Look Up the User’s Group Membership, Implement an Authentication Request Handler to Construct a GenericPrincipal Object, Test the Application

authenticating users and creating authentication ticket, Develop LDAP Group Retrieval Code to Look Up the User’s Group Membership
configuring Web application for, Configure the Web Application for Forms Authentication
creating Web application with logon page, Create a Web Application with a Logon Page
developing LDAP authentication code, Configure the Web Application for Forms Authentication
developing LDAP group retrieval code, Develop LDAP Authentication Code to Look Up the User in Active Directory
implementing authentication request handler to construct GenericPrincipal object, Implement an Authentication Request Handler to Construct a GenericPrincipal Object
requirements, How To: Use Forms Authentication with Active Directory
testing, Test the Application

administration effort, Disadvantages of the Impersonation / Delegation Model

administrators, rogue, Accessing Non-Windows Network Resources

ADO.NET, Implementation Technologies, Gatekeepers and Gates, Create a User Account Database, Key Notes

as implementation technology, Implementation Technologies
gates, Gatekeepers and Gates
reference information, Key Notes
user account database and, Create a User Account Database

algorithms, How To: Create an Encryption Library, Technical Choices

(see also , )

Anonymous authentication, ASP.NET Authentication Modes, Gatekeepers and Gates, Configure IIS Settings, Development Steps for Forms Authentication, Using a Serviced Component, Using Fixed Identities within ASP.NET, IIS Authentication Issues, ASP.NET Identity Matrix

configuring IIS, Development Steps for Forms Authentication
configuring impersonation, Configure IIS Settings
data access security and, Using Fixed Identities within ASP.NET
disabling, Gatekeepers and Gates
network resources and, Using a Serviced Component
troubleshooting, IIS Authentication Issues
Web.config settings, ASP.NET Identity Matrix
Windows authentication and, ASP.NET Authentication Modes

anonymous domain accounts at Web servers, More Information

apartment model objects, Accessing the Registry

application isolation, IIS and ASP.NET Processing

application level identity flow, Choose an Authentication Approach, Disadvantages of the Trusted Subsystem Model

application level security, IPSec, Application Level Security, Secure Communication

IPSec, IPSec, Secure Communication
Web services, Application Level Security

application roles, Authorization

application servers, Physical Deployment Models, Web Server to Remote Application Server, Configuring the Web Server (that Hosts the Web Application), Security Configuration Steps, Security Configuration Steps, Configure the Web Server, Configuring the Web Server, Configuring the Web Server, Configuring the Web Server, Configuring the Web Server, Configuring the Web Server, Configuring the Web Server

configuring, for .NET remoting, Configuring the Web Server, Configuring the Web Server, Configuring the Web Server
configuring, for Web services, Configuring the Web Server, Configuring the Web Server, Configuring the Web Server
Internet settings, Configure the Web Server
intranet settings, Configuring the Web Server (that Hosts the Web Application), Security Configuration Steps, Security Configuration Steps
secure communication, Web Server to Remote Application Server
Web servers as, Physical Deployment Models

application tiers, remote, Physical Deployment Models

applications, Web., Security Model for ASP.NET Applications (see )

articles., Reference Hub (see )

ASP.NET, Security Model for ASP.NET Applications, Implementation Technologies, Security Architecture, ASP.NET Security, Key Notes

applications, Security Model for ASP.NET Applications

(see also )

as implementation technology, Implementation Technologies, Security Architecture

reference information, Key Notes

security., ASP.NET Security (see )

(see also , )

.NET remoting requests and, Formatter Sinks

accessing COM objects, Accessing the Registry

accessing network resources, Accessing Network Resources

accessing system resources, Accessing System Resources

architecture, ASP.NET Security

ASP.NET settings, Configure IIS Settings

authentication and authorization strategies, Principal Permission Demands and Explicit Role Checks

authentication modes, Authentication

authorization options, More Information

(see also , , , , )

base configuration, Base Configuration

configuration stores and tools, Configuration Stores and Tools

configuring, Programmatic Security

configuring for .NET remoting, Configuring the Web Server, Configuring the Remote Application Server, Configuring the Web Server, Configuring the Application Server, Choosing a Host, Configuring the Web Server

configuring for custom accounts, Configure ASP.NET to Run Using the New Account

configuring for Forms authentication, Development Steps for Forms Authentication

configuring for Passport authentication, Passport Authentication

configuring for Web services, Configure ASP.NET Settings, Configuring the Web Server, Configuring the Web Server, Configuring the Application Server, Flowing the Caller’s Identity, Configuring the Web Server

creating custom accounts, How To: Create a Custom Account to Run ASP.NET

custom authentication, Custom Authentication

(see also )

default account, Design Principles, Avoid Running as SYSTEM

(see also )

extranet settings, Configuring the Extranet Web Server, Configuring the Extranet Web Server

Forms authentication, Windows Authentication

(see also )

gatekeepers and gates, Gatekeepers and Gates, ASP.NET Security Architecture, Platform/Transport Security Architecture, ASP.NET and the HTTP Channel

HTTP channel and, Anatomy of a Request When Hosting in ASP.NET

identity matrix, ASP.NET and HttpContext.User, ASP.NET Identity Matrix

IIS settings, Configure IIS Settings

impersonation, More Information

Internet settings, Configure the Web Server, Configure the Web Server

(see also )

intranet settings, Security Configuration Steps, Security Configuration Steps, Configuring the Web Server (that Hosts the Web Application), Security Configuration Steps, Security Configuration Steps

(see also )

ISAPI extension, Configure ASP.NET Settings, Locking Configuration Settings, Using the Default ASPNET Account, Formatter Sinks, How Does It Work?

least privileged accounts, Design Principles

(see also )

options, Design Principles, Security Across the Tiers, .NET Web Application Security

Passport authentication, Passport Authentication

(see also )

pipeline processing, IIS 6.0 and Windows .NET Server

process identity, Custom Authentication

(see also )

processing and IIS, How Does It Work?

programming, Preventing Files from Being Downloaded

remote object hosting, Formatter Sinks, .NET Remoting Gatekeepers, Configuring the Remote Application Server, Configuring the Application Server, Configuring the Web Server, Choosing a Host Process

resetting default configuration, Implementing Mirrored ASPNET Process Identity

secure communication, Preventing Files from Being Downloaded, Accessing Non-Windows Network Resources

securing resources, URL Authorization Examples

securing session and view state, Securing Session and View State

storing secrets, Accessing Non-Windows Network Resources

troubleshooting, Enable Tracing

using DPAPI directly, Using DPAPI from Enterprise Services

Web farm considerations, Web Farm Considerations

Windows authentication, Creating a Custom IPrincipal class, Securing the Database Connection String

(see also )

AspCompat directive, Accessing the Registry, Accessing Network Resources

ASPNET default account, Design Principles, Intranet Security, Extranet Security, Internet Security, Avoid Running as SYSTEM, Solution Implementation, Using the ASP.NET Process Identity, Check Identity, Check Identity, How To: Create a Custom Account to Run ASP.NET, Why Use a Serviced Component?

as interactive user account, Solution Implementation

as least privileged account, Design Principles, Why Use a Serviced Component?

duplicated, Intranet Security, Extranet Security, Internet Security

mirrored, Using the ASP.NET Process Identity

process identity and, Avoid Running as SYSTEM, Check Identity, How To: Create a Custom Account to Run ASP.NET

(see also )

troubleshooting, Check Identity

aspnet_regiis.exe tool, Implementing Mirrored ASPNET Process Identity

aspnet_setreg.exe tool, Intranet Security, Extranet Security, The <processModel> Element, Securing SQL Session State, Implementing Mirrored ASPNET Process Identity, Configure ASP.NET to Run Using the New Account

Aspnet_wp.exe worker process, Custom Authentication, Using the Default ASPNET Account

(see also )

assemblies, Versioning, Create a C# Class Library, Configure the Serviced Component, Build the Assembly and Add it to the Global Assembly Cache

building and adding, to global assembly cache, Build the Assembly and Add it to the Global Assembly Cache
strong names for, Create a C# Class Library, Configure the Serviced Component
versioning, Versioning

asymmetric encryption, SSL/TLS, Keys and Certificates, Technical Choices, Symmetric Algorithm Support

auditing, Choose the Identities Used for Resource Access, Using Multiple Trusted Identities, Disadvantages of the Impersonation / Delegation Model, Analysis, Analysis, Analysis, Programmatic Security, Flowing the Original Caller, Auditing, IIS Authentication Issues, Windows Security Logs, Windows Security Logs

authentication and, Choose the Identities Used for Resource Access
Enterprise Services, Flowing the Original Caller
extranet scenario, Analysis
IIS authentication and, IIS Authentication Issues
impersonation/delegation model and, Using Multiple Trusted Identities
intranet scenarios, Analysis, Analysis
logon, Auditing, Windows Security Logs
troubleshooting with logging and, Windows Security Logs
trusted subsystem model and, Disadvantages of the Impersonation / Delegation Model
Windows authentication and, Programmatic Security

authenticated clients., The Foundations (see )

authentication, The Foundations, Authorization, Security Across the Tiers, Authentication, Choose the Identities Used for Resource Access, Impersonation, Role Checking Examples, Authentication Mechanism Comparison, IPSec, Choosing Between IPSec and SSL, Intranet Security, Extranet Security, Internet Security, ASP.NET Security, Configure IIS Settings, URL Authorization Notes, An Authorization Pattern, Hosting Multiple Web Applications, Enterprise Services Security, Security for Server and Library Applications, Development Time vs. Deployment Time Configuration, Development Time vs. Deployment Time Configuration, Development Time vs. Deployment Time Configuration, Configure Authentication, Configure Authentication, Configure Authentication, Calling Serviced Components from ASP.NET, Security Concepts, Authentication, Authentication, Authentication, Platform/Transport Level (Point-to-Point) Security, Platform/Transport Security Architecture, Configure ASP.NET Settings, Disable HTTP-GET, HTTP-POST, Proxy Server Authentication, Configuring the Remote Application Server, Anatomy of a Request When Hosting in ASP.NET, .NET Remoting Gatekeepers, Accessing Network Resources, Configuring the Remote Application Server, Advantages, Advantages, Introducing Data Access Security, Trusted Subsystem vs. Impersonation/Delegation, Trusted Subsystem vs. Impersonation/Delegation, Connection String Types, Choosing a SQL Account for Your Connections, Using the COM+ Catalog, Searching for Implementation Solutions, Configuration Stores and Tools, ASP.NET Identity Matrix, Certificate Stores

.NET remoting, Anatomy of a Request When Hosting in ASP.NET, .NET Remoting Gatekeepers, Accessing Network Resources, Configuring the Remote Application Server, Advantages

ASP.NET modes, Authentication

(see also , , , )

ASP.NET processing, ASP.NET Security

authorization pattern and, An Authorization Pattern

choosing mechanisms for, Choose the Identities Used for Resource Access, Role Checking Examples

client application, Configure Authentication

comparison of mechanisms, Authentication Mechanism Comparison

configuration stores and tools, Configuration Stores and Tools

configuring, Configure IIS Settings, Development Time vs. Deployment Time Configuration, Configure Authentication

credentials., Introducing Data Access Security (see )

cryptography and, Certificate Stores

data access security and, Trusted Subsystem vs. Impersonation/Delegation, Trusted Subsystem vs. Impersonation/Delegation

database stores and, Using the COM+ Catalog

delegation and, Impersonation, Hosting Multiple Web Applications

(see also , )

Enterprise Services, Enterprise Services Security, Development Time vs. Deployment Time Configuration, Configure Authentication, Security Concepts, Authentication

extranet., Extranet Security (see )

Internet., Internet Security (see )

intranet., Intranet Security (see )

IPSec and, IPSec, Choosing Between IPSec and SSL

level negotiation, Authentication

level promotion, Authentication

library application, Security for Server and Library Applications

Machine.config and, Calling Serviced Components from ASP.NET

non-SQL Server databases and, Choosing a SQL Account for Your Connections

passing credentials for, to Web services, Disable HTTP-GET, HTTP-POST

proxy server, Proxy Server Authentication

server application, Development Time vs. Deployment Time Configuration

SQL., Connection String Types (see )

strategies, The Foundations

(see also )

technologies and principles, Authorization, Security Across the Tiers

troubleshooting, Searching for Implementation Solutions

URL authorization and, URL Authorization Notes

Web services, Platform/Transport Level (Point-to-Point) Security, Platform/Transport Security Architecture, Configure ASP.NET Settings, Configuring the Remote Application Server

Web.config settings, ASP.NET Identity Matrix

Windows service features, Advantages

authentication and authorization strategies, The Foundations, Logical Tiers, Authentication and Authorization Design, Authentication and Authorization Design, Choose an Authentication Approach, Disadvantages of the Trusted Subsystem Model, Delegation, Role Checking Examples, Principal Permission Demands and Explicit Role Checks, Available Authorization Options, Windows Authentication with Impersonation, More Information, Programmatic Security, More Information, Using File Authorization, How To: Implement Kerberos Delegation for Windows 2000

(see also )

.NET remoting, Using File Authorization

authentication mechanisms, Role Checking Examples

authorization approaches, Choose an Authentication Approach

authorization options, Available Authorization Options

designing, Authentication and Authorization Design

flowing identity, Disadvantages of the Trusted Subsystem Model

(see also )

Forms authentication, More Information

implementing Kerberos delegation, How To: Implement Kerberos Delegation for Windows 2000

Passport authentication, Programmatic Security

role-based authorization, Delegation

User Services layer and, Logical Tiers

Web services, More Information

Windows authentication, Windows Authentication with Impersonation

authorization, The Foundations, Authorization, Security Across the Tiers, More Information, Authentication and Authorization Design, Choose an Authentication Approach, Choose an Authentication Approach, Authorization Approaches, Resource Based Authorization, Intranet Security, Extranet Security, Internet Security, Analysis, Available Authorization Options, Configure ASP.NET Settings, Preventing Files from Being Downloaded, An Authorization Pattern, Enterprise Services Security, Development Time vs. Deployment Time Configuration, Development Time vs. Deployment Time Configuration, Security Concepts, ASP.NET and the HTTP Channel, Authorization, Advantages, Advantages, Authorization, Using Forms Authentication, Configuration Stores and Tools

.NET remoting, ASP.NET and the HTTP Channel, Authorization, Advantages

.NET roles for Internet, Analysis

approaches, Choose an Authentication Approach

configuration stores and tools, Configuration Stores and Tools

configuring, Configure ASP.NET Settings, Development Time vs. Deployment Time Configuration

data access security and, Authorization

Enterprise Services, Enterprise Services Security, Development Time vs. Deployment Time Configuration, Security Concepts

(see also )

extranet., Extranet Security (see )

Internet., Internet Security (see )

intranet., Intranet Security (see )

options, More Information, Available Authorization Options

pattern, An Authorization Pattern

programming, Preventing Files from Being Downloaded

resource access models and, Resource Based Authorization

resource-based, Authorization Approaches

role-based, Choose an Authentication Approach

(see also )

strategies, The Foundations, Authentication and Authorization Design

(see also )

technologies and principles, Authorization, Security Across the Tiers

troubleshooting, Using Forms Authentication

Windows service features, Advantages

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for Index

Create new playlist

Sign In

Sign Up

A

Table of Contents for
Index