tailieunhanh - Applications Built Security
Managing Security Applications built by using the Microsoft .NET Framework have a range of mechanisms available for ensuring that the users who run those applications have the appropriate privileges. | Managing Security Applications built by using the Microsoft .NET Framework have a range of mechanisms available for ensuring that the users who run those applications have the appropriate privileges. Some of the techniques available rely on authenticating users based on some form of identifier and password whereas others are based on the integrated security features of Microsoft Windows. If you are creating a Web application that will be accessed over the Internet using Windows security is probably not an option users are unlikely to be members of any Windows domain recognized by the Web application and might be running an operating system other than Windows such as UNIX. Therefore the best option to use in this environment is Forms-based security. Understanding Forms-Based Security Forms-based security allows you to verify the identity of a user by displaying a login form that prompts the user for an ID and a password. After the user has been authenticated the various Web Forms that comprise the application can be accessed and the user s security credentials can be examined by code on any page if additional authorization is needed a user might be able to log in to the system but might not have access to every part of the application . To use Forms-based security you must configure the Web application by making some changes to the file and you must also supply a form to validate the user. The security form will be displayed whenever the user tries to gain access to any page in the application if the user has not already been validated. The user will be able to proceed to the requested page only if the logic in the login form verifies the user s identity. IMPORTANT It might seem to the uninitiated that Forms-based security is excessive. It s not. Don t be tempted to simply create a login form that acts as an entry point to your application and assume that users will always access your application through it. Browsers can cache forms and .
đang nạp các trang xem trước