Foreword: The reason that wants to write the article of asp.net security problem, is to feel some experience of oneself. Want to learn the asp.net of their own time, everywhere to find articles on security, at that time found a lot of articles to tell me how to use, such as the security of the main question of which 5, but also just very briefly tell me what forms of authentication, what is Passport verification, It's not that deep to understand.
I believe that so far, many friends are not clear the various aspects of forms validation, but also in the session ["UserName"] and FormsAuthentication confused, the asp.net1.x verification methods and asp.net2.0 after the Membership is not very clear.
Basically, the list of articles in this series is as follows:
1. Create secure Web applications that describe all aspects of security.
2. Security in the eyes of customers
3. How to store Secrets
4. Database access rights
5. Implement password Security Policy
6.ASP. NET's security architecture
7.Window Authentication Face Interview
8.NET Passport Verification Face interview
9.Forms Verification
10. Custom Authentication
11. Delegation of authority
12. The transition from asp.net1.x to asp.net2.0 validation--mainly about membership what's going on,
13. Specifically talk about membership, and the customization of the extension
14. Code Access security
15. Counterfeiting Issues