Information
The topic you requested is included in another documentation set. For convenience, it's displayed below. Choose Switch to see the topic in its original location.

ASP.NET Web Application Security

ASP.NET, in conjunction with Microsoft Internet Information Services (IIS), can authenticate user credentials such as names and passwords using any of the following authentication methods:

  • Windows: Basic, digest, or Integrated Windows Authentication (NTLM or Kerberos).

  • Forms authentication, in which you create a login page and manage authentication in your application.

  • Client Certificate authentication

ASP.NET controls access to site information by comparing authenticated credentials, or representations of them, to NTFS file system permissions or to an XML file that lists authorized users, authorized roles (groups), or authorized HTTP verbs.

This section contains topic that describe the specifics of ASP.NET security.

System.Web.Security

Describes the classes you need for ASP.NET security features.

ASP.NET Security

Describes common types of Web site security attacks and how to help prevent them.

Security in the .NET Framework

Describes general .NET Framework security concepts, services, and best practices.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

Show:
© 2014 Microsoft