Security is one of the primary concerns for developers and application architects. Developers need to know how the security works and choose the appropriate security model for different applications. At the application level, Web security is first and foremost about securing pages so that they can't be retrieved by unauthorized users.
Fundamental Operations of ASP.NET Security
ASP.NET application involves 3 fundamental operations:
1. Authentication
2. Authorization
3. Impersonation
1.Authentication:
The process of validating the identity of a user to allow or deny a request .This involves accepting credentials from the users and validating it against a designated authority. After the identity is verified and validated, the user is considered to be legal and the resource request is fulfilled. Future request from the same user ideally are not subject to the authentication process until the user logs out of the web application.
2.Authorization:
The process of ensuring that users with valid identity are allowed to access specific resources.
3.Impersonation:
This process enables an application to ensure the identity of the user, and in turn make request to the other resources. Access to resources will be granted or denied based on the identity that is being impersonated. In other words, impersonation enables a server process to run using the security credentials of the client.
Thus, the ASP.NET applications are capable to execute the identity of client on whose behalf they are operating.
Aspnet Discussion
- - Any idea??
- - How to Encode-Decode URL
- - Change IE settings using
- - Excel problem
- - Example of Server.Transfe
