ASP. NET development security issues
The reason why I want to write an article on ASP. NET security is my own experience. I want to learn ASP by myself. when I was in. NET, I looked around for security articles. At that time, I found many articles that showed me how to use them. For example, which five of the main security problems are there, I just briefly told me what Forms authentication is and what Passport authentication is. I don't feel so deeply understood. I believe that till today, many of my friends are still not clear about all aspects of Forms authentication, but are still confused about Session ["UserName"] And FormsAuthentication authentication. NET1.x verification method and ASP. membership after NET2.0 is not very clear.
Basically, the articles in this series are listed as follows:
1. Create a secure Web application: Describes all aspects of security.
2. Security in customers' eyes
3. How to store secrets
4. Database Access
5. Implement password security policies
6. ASP. NET Security Architecture
7. Window authentication interview
8. NET Passport verification interview
9. Forms Verification
10. Custom Authentication
11. Authorization Problems
12. Transition from ASP. NET1.x to ASP. NET2.0 verification -- mainly describes what is Membership,
13. Let's talk about Membership and custom extensions.
14. code access security
15. Counterfeiting Problems
Reprinted original address: http://www.cnblogs.com/yanyangtian/archive/2009/05/28/1491227.html