Buy Used
Used - Very Good See details
Price: 2.00

Have one to sell? Sell yours here
Sorry, this item is not available in
Image not available for
Image not available

Tell the Publisher!
Id like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

ASP.NET Security [Paperback]

Brady Gaster , Dan Kent , Enrico Sabbadin , Richard Conway , Russ Basiura , Sitaraman Lakshminarayanan , Doug Seven , Srinivasa Sivakumar
5.0 out of 5 stars  See all reviews (1 customer review)

Available from these sellers.

Book Description

1 Aug 2002 1861006209 978-1861006202
If you are building web applications or web services with ASP.NET and you want to keep them secure, this is the book for you.

This book will show you how to make effective use of the security framework provided by ASP.NET.We cover the key technologies for authentication (identifying users) and authorization (controlling access to recources). We also show how we can use other ASP.NET features to keep our applications secure.

ASP.NET provides a flexible and extensible authentication framework. We present the built in options for authentication, discussing when they should be used and showing how they should be applied for maximum security. For those who have needs beyond what the standard authentication methods provide, we show how to extend and enhance them to create custom security systems.

Authorization is covered in depth. We show how to use the built in authorization system to control access to the resources that a web application exposes. We then take things further by showing how to extend the system to address more advanced authorization scenarios.

Good configuration is vital if our applications are to be secure. We explain how to configure IIS and ASP.NET so that they work together to provide good security.

Even with a good authentication and authorization system, there are still many ways in which a web application can be attacked. We show how we can code ASP.NET applications to avoid the most common vulnerabilities.

Code Access Security, a good way to restrict what operations code can perform, is introduced with examples that show how it can be applied.

Most of the techniques presented in the rest of the book apply just as well to web services as to browser based web applications. We also discuss some additional techniques particular to web services.

Product details

  • Paperback: 400 pages
  • Publisher: WROX Press Ltd (1 Aug 2002)
  • Language: English
  • ISBN-10: 1861006209
  • ISBN-13: 978-1861006202
  • Product Dimensions: 22.9 x 18.3 x 2.8 cm
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (1 customer review)
  • Amazon Bestsellers Rank: 2,376,207 in Books (See Top 100 in Books)
  • See Complete Table of Contents

More About the Authors

Discover books, learn about writers, and more.

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Reviews

4 star
3 star
2 star
1 star
5.0 out of 5 stars
5.0 out of 5 stars
Most Helpful Customer Reviews
3 of 3 people found the following review helpful
5.0 out of 5 stars Gregors Review for Asp.Net Security 23 Jan 2003
The book is superb in all areas - well laid out, easy to follow and a superb reference for any .Net developers.
Covers all areas of security from IIS to web services and the config files. Also authentication and authorisation and why you may want to do them.
Best of all, are the recommendations on building apps which you know are secured properly.
Comment | 
Was this review helpful to you?
Most Helpful Customer Reviews on (beta) 4.4 out of 5 stars  5 reviews
1 of 1 people found the following review helpful
3.0 out of 5 stars Covers a lot of topics but leaves a lot questions unanswered 29 Oct 2003
By A Customer - Published on
Format:Paperback|Verified Purchase
This books covers a lot and makes you aware of all the possible security issues in a web application. At the time I bought it there were only two or three books on this topic so I didn't have much choice.
Maybe because I'm using 1.1 framework, but I found problems with Chapter 14 discussing Web Service Security. There were two typos in the sample Web.Config. "loginurl" should be "loginUrl" and "all" should be "All" since case it's case sensitive. Also, the only way I got the sample on page 353 to work was ignore the instructions and to comment out the whole "<deny users='?'/>" section. Frustrating. Makes me wonder about the rest of the book.
1 of 1 people found the following review helpful
5.0 out of 5 stars Good, no-nonsense stuff 2 April 2003
By F B - Published on
I'm enjoying this book. The authors break things down thoroughly, providing numerous approaches to a particular task, for example, authentication. They provide concepts first and then apply it using differnt methods, for example, authenticating a user from credentials stored in XML file, SQL db, etc.
Nothing seems to be skipped in this book regarding the topics they cover. It leaves little if nothing to be desired.
Well done Wrox!
2 of 3 people found the following review helpful
5.0 out of 5 stars essential 31 Jan 2003
By futurefruit - Published on
I m surprised at the book not being reviewed enough. It s an absolute essential, very well written and real-world wise. I think most people go for language books, ignoring such importand matters as security. How are they planning to deploy their web apps, I wonder.
One of the first things to learn from the book is that security is not only an administrator's task but half the job needs to be done by the developer. And that 's where this book comes in. I feel much more confident after reading it, all my question are answered.
A bravo! to WROX for doing it again.
1 of 2 people found the following review helpful
4.0 out of 5 stars Wha? 21 Jun 2003
By Dennis Adams - Published on
Format:Paperback|Verified Purchase
Lot's of good recommedations, but not focused enough. Maybe it's because .NET security is still a hodege-pod of techniques that has no roadmap to follow. Geez...I still don't know what technique(s) to use for a particular situation. I can figure it out, but if I have to do that, what's the sense of buying the book?
3 of 15 people found the following review helpful
5.0 out of 5 stars Perfect For my needs 28 Oct 2002
By niko - Published on
This book really help my to quickly and efficiently understand Forms security in ASP.NET
I've applied the solution to my app and it works great
Special thanks to Dan Kent how help me to solve my particular problem
As usual Wrox is Beautiful ;-)
Were these reviews helpful?   Let us know
Search Customer Reviews
Only search this product's reviews

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
First post:
Prompts for sign-in

Search Customer Discussions
Search all Amazon discussions

Look for similar items by category