.NET news » Security Security Rss Feed

Improving ASP.NET MVC MUSIC STORE more usability with DotNetAge in 30 minutes

Using the DotNetAge to upgrade the ASP.NET Mvc Music Store add widgets and security features just in minutes.
23 Nov 2010, 09:31:00   Source: Improving ASP.NET MVC MUSIC STORE more usability with...   Tags: Security

Examining ASP.NET 2.0's Membership, Roles, and Profile - Part 18

Membership, in a nutshell, is a framework build into the .NET Framework that supports creating, authenticating, deleting, and modifying user account information. Each user account has a set of core properties: username, password, email, a security question and answer, whether or not the account has been approved, whether or not the user is locked out of the system, and so on. These user-specific properties are certainly helpful, but they're hardly exhaustive - it's not uncommon for an application to need to track additional user-specific properties. For example, an online messageboard site might want to also also associate a signature, homepage URL, and IM address with each user account.

There are two ways to associate additional information with user accounts when using the Membership model. The first - which affords the greatest flexibility, but requires the most upfront effort - is to create a custom data store for this information. If you are using the SqlMembershipProvider, this would mean creating an additional database table that had as a primary key the UserId value from the aspnet_Users table and columns for each of the additional user properties. The second option is to use the Profile system, which allows additional user-specific properties to be defined in a configuration file. (See Part 6 for an in-depth look at the Profile system.)

This article explores how to store additional user information in a separate database table. We'll see how to allow a signed in user to update these additional user-specific properties and how to create a page to display information about a selected user. What's more, we'll look at using ASP.NET Routing to display user information using an SEO-friendly, human-readable URL like www.yoursite.com/Users/username.

2 Nov 2010, 19:00:00   Source: Examining ASP.NET 2.0's Membership, Roles, and Profile -...   Tags: Security

Security Briefs: Web Application Configuration Security Revisited

Bryan Sullivan follows up on configuration security with some relatively obscure—but important—web.config settings that should be addressed, and discusses a new free tool to help you find potential problems.
1 Nov 2010, 19:00:00   Source: Security Briefs: Web Application Configuration Security...   Tags: Security

SOHA - Service Oriented HTML Application (Session and Security)

Session Management, Navigation, Security and Data Sharing aspects of SOHA - Service Oriented HTML Application.
18 Oct 2010, 00:37:00   Source: SOHA - Service Oriented HTML Application (Session and...   Tags: Security

Bulk Office Protection Application

Adds another layer of security to your Word or Excel documents. Can search for and bulk process documents to add a protection password or change your protection password.
15 Oct 2010, 11:12:00   Source: Bulk Office Protection Application   Tags: Security

Create and Share (with a client app) a Random Encryption Key

One way to create a completely random encryption key, and sharing it with a client application

Webserver Security Check

This article contains a security check script and describes how to secure Windows and Linux webservers against hackers.
4 Oct 2010, 10:06:00   Source: Webserver Security Check   Tags: Security

Security Briefs: The MSF-Agile+SDL Process Template for TFS 2010

The MSF-Agile project template for Team Foundation Server makes it easy for your team to implement Agile techniques. The new MSF-Agile+SDL template adds Security Development Lifecycle requirements. We’ll show you how it works.
30 Aug 2010, 19:00:00   Source: Security Briefs: The MSF-Agile+SDL Process Template for...   Tags: Security

Using AOP to Implement Functional Requirements - Closing Dirty Forms

AOP can be exploited to implement functional requirements, in addition to non-function requirements such as security, transaction and etc. In this article, you'll also see examples of MVP and Memento patterns.
21 Jul 2010, 18:02:00   Source: Using AOP to Implement Functional Requirements - Closing...   Tags: Security

A .NET Encryption Library

This article introduces a .NET encryption library and demonstrates how to use the library with a WPF application.
26 Jun 2010, 11:25:00   Source: A .NET Encryption Library   Tags: Security