SlideShare une entreprise Scribd logo

2310 b 16

Télécharger en tant que PPT, PDF
K
Krazy Koder
Technologie
1  sur  26
Module 16: Securing a Microsoft ASP.NET Web Application
Overview ,[object Object],[object Object],[object Object],[object Object]
Lesson: Web Application Security Overview ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Authentication vs. Authorization ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What Are ASP.NET Authentication Methods? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Multimedia: ASP.NET Authentication Methods
Comparing the ASP.NET Authentication Methods ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Advantages ,[object Object],[object Object],Microsoft Passport Authentication ,[object Object],Forms-based Authentication ,[object Object],Windows-based Authentication Disadvantages Method
What Are the IIS Authentication Mechanisms? High Medium Low (Medium with SSL) None Security Level ,[object Object],[object Object],[object Object],Integrated Windows ,[object Object],[object Object],[object Object],Digest ,[object Object],[object Object],[object Object],Basic ,[object Object],Anonymous Description Mechanisms
Demonstration: Using IIS Authentication Mechanisms ,[object Object],[object Object],[object Object],[object Object],methods
What Is Secure Sockets Layer? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Lesson: Working with Windows-Based Authentication ,[object Object],[object Object],[object Object]
How to Enable Windows-Based Authentication ,[object Object],[object Object],[object Object],[object Object],[object Object],1 2 <system.web> <authentication mode=&quot;Windows&quot; /> </system.web>
How to Enable Windows-Based Authentication ( continued ) ,[object Object],[object Object],<location path=&quot;ShoppingCart.aspx&quot;> <system.web> <authorization> <deny users=&quot;?&quot;/> </authorization> </system.web> </location> 4 3
Reading User Information ,[object Object],lblAuthUser.Text = User.Identity.Name lblAuthType.Text = User.Identity.AuthenticationType lblIsAuth.Text = User.Identity.IsAuthenticated lblAuthUser.Text = User.Identity.Name; lblAuthType.Text = User.Identity.AuthenticationType; lblIsAuth.Text = User.Identity.IsAuthenticated;
Demonstration: Using Windows-Based Authentication ,[object Object],[object Object],[object Object],[object Object],[object Object]
Lesson: Working with Forms-Based Authentication ,[object Object],[object Object],[object Object],[object Object],[object Object]
Overview of Forms-Based Authentication Client requests page Authorized ASP.NET Forms Authentication Not Authenticated Authenticated Logon Page (Users enter their credentials) Authenticated Authentication Cookie Authorized Not Authenticated Access Denied Requested Secure Page IIS Username Password Someone *********** Submit 1 2 3 4 6 5 7  
Multimedia: Forms-Based Authentication
How to Enable Forms-Based Authentication ,[object Object],[object Object],[object Object],[object Object],1 2 3 4 <authentication mode=&quot;Forms&quot; > < forms name=&quot;.namesuffix&quot; loginUrl=&quot;login.aspx&quot; /> </authentication>
[object Object],[object Object],[object Object],[object Object],Creating a Logon Page Sub cmdLogin_Click(s As Object, e As eventArgs) If (login(txtEmail.Text, txtPassword.Text)) FormsAuthentication.RedirectFromLoginPage(txtEmail.Text, False) End If End Sub private void cmdLogin_Click(object sender, EventArgs e) { if (login(txtEmail.Text, txtPassword.Text)) FormsAuthentication.RedirectFromLoginPage(txtEmail.Text, false); }
Demonstration: Using Forms-Based Authentication ,[object Object],[object Object],[object Object],[object Object],[object Object]
Lesson: Overview of Microsoft Passport Authentication ,[object Object],[object Object]
How Microsoft Passport Works Website.msft Client Passport.com The client requests a page from the host 1 2 3 4 5 The site redirects the client to Passport.com The client is redirected and logs on to Passport.com Passport returns a cookie with the ticket information 6 The client accesses the host, this time with ticket information The host returns a Web Form and possibly a new cookie that it can read and write
Other Microsoft Passport Resources ,[object Object],[object Object],[object Object]
Review ,[object Object],[object Object],[object Object],[object Object]
Lab 16: Securing a Microsoft ASP.NET Web Application Medical Medical.aspx Benefits Home Page Default.aspx Life Insurance Life.aspx Retirement Retirement.aspx Dental Dental.aspx Dentists Doctors Doctors.aspx Doctors Logon Page Login.aspx Registration Register.aspx Coho Winery Prospectus Prospectus.aspx XML Web Service dentalService1.asmx Page Header Header.ascx ASPState tempdb Lab Web Application User Control namedate.ascx Menu Component Class1.vb or Class1.cs XML Files Web. config

Recommandé

Simplify user application authentication using Microsoft Identity Platform
Simplify user application authentication using Microsoft Identity PlatformSimplify user application authentication using Microsoft Identity Platform
Simplify user application authentication using Microsoft Identity Platform
Manoj Mittal
 
Secure Code Warrior - Cookies and sessions
Secure Code Warrior - Cookies and sessionsSecure Code Warrior - Cookies and sessions
Secure Code Warrior - Cookies and sessions
Secure Code Warrior
 
Secure Code Warrior - Local storage
Secure Code Warrior - Local storageSecure Code Warrior - Local storage
Secure Code Warrior - Local storage
Secure Code Warrior
 
Secure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior - Authentication
Secure Code Warrior - Authentication
Secure Code Warrior
 
OAuth 2.0 Misconceptions
OAuth 2.0 MisconceptionsOAuth 2.0 Misconceptions
OAuth 2.0 Misconceptions
Cory Forsyth
 
Securing Single Page Applications with Token Based Authentication
Securing Single Page Applications with Token Based AuthenticationSecuring Single Page Applications with Token Based Authentication
Securing Single Page Applications with Token Based Authentication
Stefan Achtsnit
 
Secure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scripting
Secure Code Warrior
 
Web application attack Presentation
Web application attack PresentationWeb application attack Presentation
Web application attack Presentation
Khoa Nguyen
 

Recommandé

Simplify user application authentication using Microsoft Identity Platform
Simplify user application authentication using Microsoft Identity PlatformSimplify user application authentication using Microsoft Identity Platform
Simplify user application authentication using Microsoft Identity Platform
Manoj Mittal
 
Secure Code Warrior - Cookies and sessions
Secure Code Warrior - Cookies and sessionsSecure Code Warrior - Cookies and sessions
Secure Code Warrior - Cookies and sessions
Secure Code Warrior
 
Secure Code Warrior - Local storage
Secure Code Warrior - Local storageSecure Code Warrior - Local storage
Secure Code Warrior - Local storage
Secure Code Warrior
 
Secure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior - Authentication
Secure Code Warrior - Authentication
Secure Code Warrior
 
OAuth 2.0 Misconceptions
OAuth 2.0 MisconceptionsOAuth 2.0 Misconceptions
OAuth 2.0 Misconceptions
Cory Forsyth
 
Securing Single Page Applications with Token Based Authentication
Securing Single Page Applications with Token Based AuthenticationSecuring Single Page Applications with Token Based Authentication
Securing Single Page Applications with Token Based Authentication
Stefan Achtsnit
 
Secure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scripting
Secure Code Warrior
 
Web application attack Presentation
Web application attack PresentationWeb application attack Presentation
Web application attack Presentation
Khoa Nguyen
 
Shoot Me a Token: OpenAM as an OAuth2 Provider
Shoot Me a Token: OpenAM as an OAuth2 ProviderShoot Me a Token: OpenAM as an OAuth2 Provider
Shoot Me a Token: OpenAM as an OAuth2 Provider
ForgeRock
 
Common Web Application Attacks
Common Web Application Attacks Common Web Application Attacks
Common Web Application Attacks
Ahmed Sherif
 
Session management
Session management Session management
Session management
Dhruv Aggarwal
 
Authorization and Authentication using IdentityServer4
Authorization and Authentication using IdentityServer4Authorization and Authentication using IdentityServer4
Authorization and Authentication using IdentityServer4
Aaron Ralls
 
SSO (Single Sign On/Off)
SSO (Single Sign On/Off)SSO (Single Sign On/Off)
SSO (Single Sign On/Off)
Russel Mahmud
 
Openid & Oauth: An Introduction
Openid & Oauth: An IntroductionOpenid & Oauth: An Introduction
Openid & Oauth: An Introduction
Steve Ivy
 
How to authenticate users in your apps using FI-WARE Account - Introduction
How to authenticate users in your apps using FI-WARE Account - IntroductionHow to authenticate users in your apps using FI-WARE Account - Introduction
How to authenticate users in your apps using FI-WARE Account - Introduction
Javier Cerviño
 
Dat403 Massie
Dat403 MassieDat403 Massie
Dat403 Massie
StatisticsIO
 
Com Ed 8 Finals
Com Ed 8 FinalsCom Ed 8 Finals
Com Ed 8 Finals
bluejayjunior
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
hruth
 
Phishing
PhishingPhishing
Phishing
HK Khemnani
 
2019 - Tech Talk DC - Token-based security for web applications using OAuth2 ...
2019 - Tech Talk DC - Token-based security for web applications using OAuth2 ...2019 - Tech Talk DC - Token-based security for web applications using OAuth2 ...
2019 - Tech Talk DC - Token-based security for web applications using OAuth2 ...
Vladimir Bychkov
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorization
Giulio De Donato
 
Session 4 : securing web application - Giáo trình Bách Khoa Aptech
Session 4 : securing web application - Giáo trình Bách Khoa AptechSession 4 : securing web application - Giáo trình Bách Khoa Aptech
Session 4 : securing web application - Giáo trình Bách Khoa Aptech
MasterCode.vn
 
Preventing XSRF in ASP.NET CORE apps
Preventing XSRF in ASP.NET CORE appsPreventing XSRF in ASP.NET CORE apps
Preventing XSRF in ASP.NET CORE apps
Fiyaz Hasan
 
FI-WARE Account and OAuth solution
FI-WARE Account and OAuth solutionFI-WARE Account and OAuth solution
FI-WARE Account and OAuth solution
Javier Cerviño
 
Web Security Attacks
Web Security AttacksWeb Security Attacks
Web Security Attacks
Sajid Hasan
 
STORED XSS IN DVWA
STORED XSS IN DVWASTORED XSS IN DVWA
STORED XSS IN DVWA
Rutvik patel
 
AJAX: How to Divert Threats
AJAX: How to Divert ThreatsAJAX: How to Divert Threats
AJAX: How to Divert Threats
Cenzic
 
AJAX Security - LAC2016
AJAX Security - LAC2016AJAX Security - LAC2016
AJAX Security - LAC2016
Julia Logan a.k.a. IrishWonder
 
ASP.NET 13 - Security
ASP.NET 13 - SecurityASP.NET 13 - Security
ASP.NET 13 - Security
Randy Connolly
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11
Vivek chan
 

Contenu connexe

Tendances

Session 4 : securing web application - Giáo trình Bách Khoa Aptech
Session 4 : securing web application - Giáo trình Bách Khoa AptechSession 4 : securing web application - Giáo trình Bách Khoa Aptech
Session 4 : securing web application - Giáo trình Bách Khoa Aptech
MasterCode.vn
 

Tendances (20)

Shoot Me a Token: OpenAM as an OAuth2 Provider
Shoot Me a Token: OpenAM as an OAuth2 ProviderShoot Me a Token: OpenAM as an OAuth2 Provider
Shoot Me a Token: OpenAM as an OAuth2 Provider
 
Common Web Application Attacks
Common Web Application Attacks Common Web Application Attacks
Common Web Application Attacks
 
Session management
Session management Session management
Session management
 
Authorization and Authentication using IdentityServer4
Authorization and Authentication using IdentityServer4Authorization and Authentication using IdentityServer4
Authorization and Authentication using IdentityServer4
 
SSO (Single Sign On/Off)
SSO (Single Sign On/Off)SSO (Single Sign On/Off)
SSO (Single Sign On/Off)
 
Openid & Oauth: An Introduction
Openid & Oauth: An IntroductionOpenid & Oauth: An Introduction
Openid & Oauth: An Introduction
 
How to authenticate users in your apps using FI-WARE Account - Introduction
How to authenticate users in your apps using FI-WARE Account - IntroductionHow to authenticate users in your apps using FI-WARE Account - Introduction
How to authenticate users in your apps using FI-WARE Account - Introduction
 
Dat403 Massie
Dat403 MassieDat403 Massie
Dat403 Massie
 
Com Ed 8 Finals
Com Ed 8 FinalsCom Ed 8 Finals
Com Ed 8 Finals
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
 
Phishing
PhishingPhishing
Phishing
 
2019 - Tech Talk DC - Token-based security for web applications using OAuth2 ...
2019 - Tech Talk DC - Token-based security for web applications using OAuth2 ...2019 - Tech Talk DC - Token-based security for web applications using OAuth2 ...
2019 - Tech Talk DC - Token-based security for web applications using OAuth2 ...
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorization
 
Session 4 : securing web application - Giáo trình Bách Khoa Aptech
Session 4 : securing web application - Giáo trình Bách Khoa AptechSession 4 : securing web application - Giáo trình Bách Khoa Aptech
Session 4 : securing web application - Giáo trình Bách Khoa Aptech
 
Preventing XSRF in ASP.NET CORE apps
Preventing XSRF in ASP.NET CORE appsPreventing XSRF in ASP.NET CORE apps
Preventing XSRF in ASP.NET CORE apps
 
FI-WARE Account and OAuth solution
FI-WARE Account and OAuth solutionFI-WARE Account and OAuth solution
FI-WARE Account and OAuth solution
 
Web Security Attacks
Web Security AttacksWeb Security Attacks
Web Security Attacks
 
STORED XSS IN DVWA
STORED XSS IN DVWASTORED XSS IN DVWA
STORED XSS IN DVWA
 
AJAX: How to Divert Threats
AJAX: How to Divert ThreatsAJAX: How to Divert Threats
AJAX: How to Divert Threats
 
AJAX Security - LAC2016
AJAX Security - LAC2016AJAX Security - LAC2016
AJAX Security - LAC2016
 

Similaire à 2310 b 16

08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11
Vivek chan
 
Luminis Iv To Exchange Labs
Luminis Iv To Exchange LabsLuminis Iv To Exchange Labs
Luminis Iv To Exchange Labs
Melissa Miller
 
Developing custom claim providers to enable authorization in share point an...
Developing custom claim providers to enable authorization in share point an...Developing custom claim providers to enable authorization in share point an...
Developing custom claim providers to enable authorization in share point an...
AntonioMaio2
 
Authentication Models
Authentication ModelsAuthentication Models
Authentication Models
Raj Chanchal
 
Claims Based Identity In Share Point 2010
Claims Based Identity In Share Point 2010Claims Based Identity In Share Point 2010
Claims Based Identity In Share Point 2010
Steve Sofian
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11
Mani Chaubey
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
Danny Jessee
 

Similaire à 2310 b 16 (20)

ASP.NET 13 - Security
ASP.NET 13 - SecurityASP.NET 13 - Security
ASP.NET 13 - Security
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...
 
Luminis Iv To Exchange Labs
Luminis Iv To Exchange LabsLuminis Iv To Exchange Labs
Luminis Iv To Exchange Labs
 
Developing custom claim providers to enable authorization in share point an...
Developing custom claim providers to enable authorization in share point an...Developing custom claim providers to enable authorization in share point an...
Developing custom claim providers to enable authorization in share point an...
 
Bh Win 03 Rileybollefer
Bh Win 03 RileybolleferBh Win 03 Rileybollefer
Bh Win 03 Rileybollefer
 
Authentication Models
Authentication ModelsAuthentication Models
Authentication Models
 
Claims Based Identity In Share Point 2010
Claims Based Identity In Share Point 2010Claims Based Identity In Share Point 2010
Claims Based Identity In Share Point 2010
 
Implementing application security using the .net framework
Implementing application security using the .net frameworkImplementing application security using the .net framework
Implementing application security using the .net framework
 
ASP.NET Lecture 5
ASP.NET Lecture 5ASP.NET Lecture 5
ASP.NET Lecture 5
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
Claims-Based Identity in SharePoint 2010
Claims-Based Identity in SharePoint 2010Claims-Based Identity in SharePoint 2010
Claims-Based Identity in SharePoint 2010
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
MongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day OneMongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day One
 
Top Ten Tips For Tenacious Defense In Asp.Net
Top Ten Tips For Tenacious Defense In Asp.NetTop Ten Tips For Tenacious Defense In Asp.Net
Top Ten Tips For Tenacious Defense In Asp.Net
 
Security asp.net application
Security asp.net applicationSecurity asp.net application
Security asp.net application
 
Java Web Programming [9/9] : Web Application Security
Java Web Programming [9/9] : Web Application SecurityJava Web Programming [9/9] : Web Application Security
Java Web Programming [9/9] : Web Application Security
 
Tags
TagsTags
Tags
 

Plus de Krazy Koder

Plus de Krazy Koder (20)

2310 b xd
2310 b xd2310 b xd
2310 b xd
 
2310 b xd
2310 b xd2310 b xd
2310 b xd
 
2310 b xd
2310 b xd2310 b xd
2310 b xd
 
2310 b xc
2310 b xc2310 b xc
2310 b xc
 
2310 b xb
2310 b xb2310 b xb
2310 b xb
 
2310 b 17
2310 b 172310 b 17
2310 b 17
 
2310 b 16
2310 b 162310 b 16
2310 b 16
 
2310 b 15
2310 b 152310 b 15
2310 b 15
 
2310 b 15
2310 b 152310 b 15
2310 b 15
 
2310 b 14
2310 b 142310 b 14
2310 b 14
 
2310 b 13
2310 b 132310 b 13
2310 b 13
 
2310 b 12
2310 b 122310 b 12
2310 b 12
 
2310 b 11
2310 b 112310 b 11
2310 b 11
 
2310 b 10
2310 b 102310 b 10
2310 b 10
 
2310 b 09
2310 b 092310 b 09
2310 b 09
 
2310 b 08
2310 b 082310 b 08
2310 b 08
 
2310 b 08
2310 b 082310 b 08
2310 b 08
 
2310 b 08
2310 b 082310 b 08
2310 b 08
 
2310 b 07
2310 b 072310 b 07
2310 b 07
 
2310 b 06
2310 b 062310 b 06
2310 b 06
 

Dernier

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 

Dernier (20)

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

2310 b 16

  • 1. Module 16: Securing a Microsoft ASP.NET Web Application
  • 2.
  • 3.
  • 4.
  • 5.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17. Overview of Forms-Based Authentication Client requests page Authorized ASP.NET Forms Authentication Not Authenticated Authenticated Logon Page (Users enter their credentials) Authenticated Authentication Cookie Authorized Not Authenticated Access Denied Requested Secure Page IIS Username Password Someone *********** Submit 1 2 3 4 6 5 7  
  • 19.
  • 20.
  • 21.
  • 22.
  • 23. How Microsoft Passport Works Website.msft Client Passport.com The client requests a page from the host 1 2 3 4 5 The site redirects the client to Passport.com The client is redirected and logs on to Passport.com Passport returns a cookie with the ticket information 6 The client accesses the host, this time with ticket information The host returns a Web Form and possibly a new cookie that it can read and write
  • 24.
  • 25.
  • 26. Lab 16: Securing a Microsoft ASP.NET Web Application Medical Medical.aspx Benefits Home Page Default.aspx Life Insurance Life.aspx Retirement Retirement.aspx Dental Dental.aspx Dentists Doctors Doctors.aspx Doctors Logon Page Login.aspx Registration Register.aspx Coho Winery Prospectus Prospectus.aspx XML Web Service dentalService1.asmx Page Header Header.ascx ASPState tempdb Lab Web Application User Control namedate.ascx Menu Component Class1.vb or Class1.cs XML Files Web. config