Thanks to external reviewers–Keith Brown (DevelopMentor) for review and feedback on the ASP.NET chapter, Andy Eunson for providing scenarios on middleware applications, John Langley (KANA Software) for bringing J2EE and .NET perspectives to the table, Kurt Dillard and Christof Sprenger for reviewing application scenarios and the authentication and authorization process, J.K.Meadows and David Alberto for reviewing application scenarios and individual chapters and Bernard Chen (Sapient) for reviewing the authentication and authorization process

Product Group–Thanks to Manish Prabhu, Jesus Ruiz-Scougall, Jonathan Hawkins and Doug Purdy from the .NET Remoting team; Keith Ballinger Yann Christensen and Alexei Vopilov from the Web Services team; Laura Barsan from the ASP.NET team; Greg Fee (.NET Roles / Principal permission checks), Greg Singleton and Sebastian Lange (CAS); Tarik Soulami from the CLR team; Erik Olson (extensive validation and recommendations on ASP.NET); Caesar Samsi (for sharing in depth e-commerce Internet facing application scenarios), Riyaz Pishori, Shannon Pahl and Ron Jacobs (Enterprise Services), Dave McPherson (Windows security architecture and authorization strategies), Christopher Brown (helping resolve cross product issues), John Banes (DPAPI), Joel Scambray, Girish Chander (SQL Server security)

MCS / Field–William Zentmayer (Remote application tier scenarios with Enterprise Services), Shantanu Sarkar (validation of application architecture scenarios), Carl Nolan (Web services), Samuel Melendez and Jacquelyn Schmidt (infrastructure and deployment scenarios), Steve Busby, Len Cardinal, Monica DeZulueta, Paula Paul (Data Access and Web application security), Ed Draper, Sean Finnegan (pushing Active Directory and Windows authentication with technical depth and practical scenarios), David Alberto, Kenny Jones (for bringing real world field issues to the table and helping to involve the field), Doug Orange (real world Extranet authorization scenarios), Alexey Yeltsov (SQL Injection), Martin Kohlleppel (Architecture review), Joel Yoker (firewalls and IPSec)

Special thanks to Jay Nanduri (Microsoft.com) for reviewing and sharing real world experiences, Ilia Fortunov (Senior Architect) for providing continuous and diligent feedback and Aaron Margosis (MCS) for thoroughly reviewing several chapters and making excellent suggestions at various stages of the project.

Special thanks to Product Support Services folks for contributing and reviewing various portions of the guide–Venkat Chilakala (Troubleshooting section), John Allen and Jeremy Bostron (ASP.NET), Martin Petersen-Frey (simplifying and helping to structure the Remoting and Web Service portions of the guide), Karl Westerholm (SSL), Jayaprakasam Siddian Thirunavukkarasu (SQL Roles and ADO), Wade Mascia (valuable feedback on Enterprise Services, COM threading, ASP.NET and Web services), Ryan Kivett (IIS6 and ASP.NET), Sarath Mallavarapu (Data Access), Jerry Bryant (bringing community issues to the table) and Peter Kyte for resources

Thanks also, to Philip Teale, Ram Sunkara, Shaun Hayes, Eric Schmidt, Michael Howard, Rich Benack, Carlos Lyons, Ted Kehl. Thanks to Peter Dampier, Mike Sherrill and Devendra Tiwari from the Enterprise Alliance team for validating our application scenarios. Thanks to Tavi Siochi (IT Audit) for feedback on SQL Injection.

Finally, thanks to our colleagues on the patterns & practices team: Per Vonge Nielsen, Andrew Mason, Edward Jezierski, Sandy Khaund, Tina Burden, Edward Lafferty, Peter M. Clift, John Munyon, Mohammad Al-Sabt, Anandha Murukan and Chris Sfanos.