
Free Ebook ".NET Security" Sample Chapter

.NET Security
Free Download Chapter 5: Role Access Security

When you use .NET to create client- and server-side applications, you have to address a new and large set of security issues. .NET Security shows you what you need to know by covering different aspects of the .NET security model through detailed discussions about the key namespaces. The authors demonstrate how to write .NET code to create secure systems within the .NET Framework. They also discuss possible break-ins to the security model in .NET, and how .NET prevents such intrusions.

This tutorial explains how to use the .NET security and cryptographic classes, and functions as a reference manual for developers seeking to understand security implementation in the .NET Framework. Additionally, the .NET Framework requires understanding in many new areas like managed code, permissions, and evidence, all of which this dynamic book covers.


Role Access Security

In this chapter, you'll investigate how to use Role Access Security (RAS) to protect resources. You'll study the definitions that are found in .NET and how they work. Finally, you'll learn about impersonation and how it works in .NET.

Let's start by looking at the .NET types that are used in RAS from a coding perspective.

Using .NET Class Definitions

All of the .NET class definition types are in the System.Security.Principal namespace, and all can be found in the mscorlib assembly. Some classes define what identities and principals there are, along with their relationship to each other. Other classes help define how identities and principals are established for the current thread of execution. In this section, I'll cover the basics of these classes.

Let's start by looking at the definition of an identity in .NET.

IIdentity Interface

The IIdentity interface is used to define information about a user. Typically, that user is running the current code, although there's no requirement that a class that implements this interface has to relate to the underlying OS user. IIdentity defines three read-only properties:

  • Name: A string that defines the logical name of the user. This can take on any form; a typical format is "domain\user" (for example, "apress\jbock").
  • AuthenticationType: A string that defines the kind of authentication used to verify the user. Examples of common authentication schemes are Kerberos and Passport.
  • IsAuthenticated: A Boolean that states whether the current user has been authenticated.

.NET supplies the following four implementations of IIdentity:

  • GenericIdentity
  • WindowsIdentity
  • FormsIdentity
  • PassportIdentity
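
The three IIdentity properties in use, as an added example that is not code from the book: it compares GenericIdentity, which reports any non-empty name as authenticated without verifying anything, with a custom implementation unrelated to an OS user. The TokenIdentity class, the "AppToken" label and the "svc-reports" name are hypothetical and constructed for this illustration.

```csharp
using System;
using System.Security.Principal;

// Hypothetical identity type (not part of .NET or the book): a caller known
// to the application by a token, with no link to an underlying OS account.
public sealed class TokenIdentity : IIdentity
{
    private readonly bool verified;

    public TokenIdentity(string name, bool verified)
    {
        Name = name ?? throw new ArgumentNullException(nameof(name));
        this.verified = verified;
    }

    public string Name { get; }

    // Constructed scheme label for this example.
    public string AuthenticationType => "AppToken";

    // True only when the application actually verified the token.
    public bool IsAuthenticated => verified;
}

public static class Program
{
    private static void Describe(IIdentity id) =>
        Console.WriteLine($"{id.GetType().Name,-16} Name='{id.Name}' " +
            $"AuthenticationType='{id.AuthenticationType}' " +
            $"IsAuthenticated={id.IsAuthenticated}");

    public static void Main()
    {
        // GenericIdentity performs no verification: IsAuthenticated depends
        // only on whether the supplied name is empty.
        Describe(new GenericIdentity("apress\\jbock"));
        Describe(new GenericIdentity(""));
        // The authentication type is a caller-supplied string, not proof.
        Describe(new GenericIdentity("apress\\jbock", "Kerberos"));

        // The custom type ties IsAuthenticated to an explicit check result.
        Describe(new TokenIdentity("svc-reports", verified: false));
        Describe(new TokenIdentity("svc-reports", verified: true));
    }
}
```

Authorization code that receives an IIdentity should therefore consider which implementation produced it before trusting IsAuthenticated or AuthenticationType.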