P

P/Invoke, Flowing the Original Caller, Configuring Interface Proxies

Packet Privacy authentication level, RPC Encryption, Configuring Interface Proxies, Authentication

packetmon.exe, Windows Task Manager

pages., More Information (see )

Parameters collection, Anatomy of a SQL Script Injection Attack

partner applications, Web services, Security Configuration Steps

Passport authentication, ASP.NET Authentication Modes, Advantages of Passport Authentication, Passport Authentication, Platform/Transport Security Architecture, Hosting in a Windows Service

.NET remoting and, Hosting in a Windows Service

advantages, Advantages of Passport Authentication

ASP.NET security and, ASP.NET Authentication Modes, Passport Authentication

Web services and, Platform/Transport Security Architecture

PassportIdentity objects, WindowsPrincipal and WindowsIdentity, ASP.NET Identity Matrix

passwords., The Foundations, Authentication, Avoid Running as SYSTEM, Storing Secrets, Using the ASP.NET Process Identity, Using the COM+ Catalog, Summary, How To: Use Forms Authentication with SQL Server 2000

(see also )

ASPNET account and, Avoid Running as SYSTEM

authentication and, The Foundations

(see also )

digests, How To: Use Forms Authentication with SQL Server 2000

Forms authentication, Storing Secrets

(see also )

one-way hashes, Using the COM+ Catalog

strong, Using the ASP.NET Process Identity, Summary

pattern matching statements, Additional Best Practices

percent sign (%), Additional Best Practices

performance, SSL/TLS, Choosing a Host Process, Using UDL Files

remote object hosting, Choosing a Host Process

SSL, SSL/TLS

UDL files, Using UDL Files

permissions., More Information, More Information, Configure IIS Settings, Accessing System Resources, Security for Server and Library Applications, Introducing Data Access Security

(see also , )

IIS Web, More Information

NTFS., Configure IIS Settings (see )

registry, Accessing System Resources

SQL Server, Introducing Data Access Security

unmanaged code, Security for Server and Library Applications

physical deployment., Development Time vs. Deployment Time Configuration (see )

pipeline processing, ASP.NET, IIS 6.0 and Windows .NET Server, ASP.NET Pipeline Processing, Event Handling, Implementing a Custom HTTP Module

anatomy of Web requests, ASP.NET Pipeline Processing

event handling, Event Handling

implementing custom HTTP handlers and HTTP modules, Implementing a Custom HTTP Module

plain text, Introduction, ASP.NET Authentication Modes

platform/transport level (point-to-point) security, Platform/Transport Level (Point-to-Point) Security (see , )

policies, Gatekeepers and Gates, Notes, Create Rules

CAS, Gatekeepers and Gates

IPSec, Notes, Create Rules

pre-master secrets, Why Use a Serviced Component?

preauthenticate property, Using Specific Credentials, Request a Specific Authentication Type

principal permission demands, More Information, Choose the Identities Used for Resource Access, Delegation, Checking Role Membership, Principal Permission Demands and Explicit Role Checks, Programmatic Security, Configurable Security, Configurable Security, Platform/Transport Security Architecture, Configurable Security, Configurable Security, ASP.NET and the HTTP Channel, .NET Remoting Gatekeepers

.NET remoting, ASP.NET and the HTTP Channel, .NET Remoting Gatekeepers

.NET roles and, Delegation, Checking Role Membership

ASP.NET security, More Information, Principal Permission Demands and Explicit Role Checks, Platform/Transport Security Architecture

custom identities and, Choose the Identities Used for Resource Access

Forms authentication, Configurable Security

Windows authentication with impersonation, Programmatic Security, Configurable Security

Windows authentication without impersonation, Configurable Security, Configurable Security

principals., The Foundations, The Foundations, Evidence and Security Policy, WindowsPrincipal and WindowsIdentity

(see also )

as authenticated clients, The Foundations

classes, WindowsPrincipal and WindowsIdentity

identities and, Evidence and Security Policy

(see also )

privacy, Authorization, Secure Communication, Using Multiple Database Roles, How To: Call a Web Service Using SSL, How To: Use IPSec to Provide Secure Communication Between Two Servers, Certificate Stores

(see also )

private keys, Keys and Certificates

privileges., More Information, Security for Server and Library Applications, Summary

(see also )

assigning, Summary

library application, Security for Server and Library Applications

process identity., ASP.NET and HttpContext.User, Choose the Identities Used for Resource Access, Custom Authentication, Avoid Running as SYSTEM, Avoid Running as SYSTEM, Avoid Running as SYSTEM, Accessing Network Resources, Storing Secrets, Securing the Database Connection String, Identifying Callers, Accessing Network Resources, Accessing Network Resources, Accessing Network Resources, Windows Authentication, Auditing, Using Forms Authentication

(see also )

.NET remoting and, Accessing Network Resources

accessing network resources, Accessing Network Resources, Accessing Network Resources

as least privileged account, Custom Authentication

as secret, Storing Secrets

avoiding SYSTEM account as, Avoid Running as SYSTEM

choosing, for Enterprise Services, Identifying Callers

data access security and, Windows Authentication

default ASPNET account for, Avoid Running as SYSTEM

(see also )

domain controllers and, Avoid Running as SYSTEM

resource access and, Choose the Identities Used for Resource Access

SQL Server, Auditing

troubleshooting, Using Forms Authentication

using current, Accessing Network Resources

Windows authentication and, Securing the Database Connection String

processes, Remoting and Web Services, Authentication, Solution Implementation, Choosing a Host Process, Requirements

.NET remoting, Remoting and Web Services

authentication levels and, Authentication

certificate authentication and, Solution Implementation

choosing host, for .NET remoting, Choosing a Host Process

server, and delegation, Requirements

programmatic security, ASP.NET, Preventing Files from Being Downloaded, An Authorization Pattern, An Authorization Pattern, An Authorization Pattern, An Authorization Pattern, Create an IPrincipal Object, Create an IPrincipal Object, More Information

authorization based on user identity and/or role membership, Create an IPrincipal Object

authorization pattern, An Authorization Pattern

creating custom IPrincipal class, More Information

creating IPrincipal objects, An Authorization Pattern

putting IPrincipal objects in HTTP contexts, Create an IPrincipal Object

putting users in roles, An Authorization Pattern

retrieving and validating credentials, An Authorization Pattern

programmatic security., Intranet Security, Intranet Security, Programmatic Security, Configurable Security, Configurable Security, Configuring Impersonation Levels for an Enterprise Services Application, Configurable Security, Configurable Security, Configurable Security, Configurable Security, ASP.NET and the HTTP Channel, Using DefaultCredentials

(see also )

.NET remoting, ASP.NET and the HTTP Channel, Using DefaultCredentials

ASP.NET., Intranet Security (see )

Enterprise Services role-based, Configuring Impersonation Levels for an Enterprise Services Application

Forms authentication, Configurable Security

Web services, Configurable Security, Configurable Security

Windows authentication with impersonation, Programmatic Security, Configurable Security

Windows authentication without impersonation, Configurable Security, Configurable Security

promotion, authentication level, Authentication

proxies, Calling Serviced Components from ASP.NET, Disable HTTP-GET, HTTP-POST, Configuring the Web Server, Configuring the Web Server, Configuring the Web Server, .NET Remoting Architecture, Configuring the Web Server, Configuring the Web Server, Configuring the Web Server

.NET remoting, .NET Remoting Architecture, Configuring the Web Server, Configuring the Web Server, Configuring the Web Server

interface, Calling Serviced Components from ASP.NET

Web services, Disable HTTP-GET, HTTP-POST, Configuring the Web Server, Configuring the Web Server, Configuring the Web Server

proxy server authentication, Proxy Server Authentication

public keys, Keys and Certificates