Chapter 19. Security
Back in the good old days—before the Internet—when personal computers were mostly standalone or, at most, connected to an office LAN, security was not such a big deal. Until viruses were invented and became a real threat, security for most PCs meant screen-saver passwords and a lock on the office door.
All that has changed. Today's computers are interconnected in myriad ways, on local networks and over the Internet. The pipes of data that connect your machine to the rest of the world are double-edged swords: tremendously beneficial, but at the same time potentially harmful, opening your machine to outsiders. Some of those outsiders are malicious or just plain unwelcome. In any case, it is the job of security to let the good stuff in and keep the bad stuff out.
As part of the .NET Framework, ASP.NET has a very robust security infrastructure. ASP.NET is designed to work with Microsoft Internet Information Server (IIS), Windows 2000/XP/2003, and the NTFS filesystem. Consequently, there is tight integration with the security provided inherently in those environments. If you can be certain that all your clients will be using Windows and Internet Explorer, there are features you can take advantage of to make your job as a software developer that much easier. Alternatively, you can implement your own security system completely independent of Windows or NTFS.
The fundamental role of security in ASP.NET is to selectively restrict access to portions of a web site. It does this through the following methods:
The decision to allow or deny access is made based on Windows 2000/XP/2003 and NTFS security features in conjunction with IIS, or by verifying credentials against a security database. The security database may be a traditional relational database, or it may be an XML file (although this may present scaling issues), or it may be housed in the web site configuration files.
As with much of ASP.NET, security is configurable and extensible using the configuration files discussed in detail in Chapter 20.
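The following web.config is an added example, not taken from the original chapter. It shows credentials housed in the web site configuration file and access restricted to one portion of the site. It assumes ASP.NET forms authentication; the user name, the `admin` folder, `login.aspx`, and the hash placeholder are constructed for illustration.

```xml
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <!-- ASP.NET layer: authenticate users itself instead of relying on Windows accounts -->
    <authentication mode="Forms">
      <forms name=".ASPXAUTH" loginUrl="login.aspx" protection="All" timeout="30">
        <!-- The "security database" kept in the configuration file.
             passwordFormat accepts Clear, MD5 or SHA1; store a hash, never Clear. -->
        <credentials passwordFormat="SHA1">
          <!-- constructed user; replace the placeholder with the real 40-character hex hash -->
          <user name="alice" password="PLACEHOLDER_SHA1_HEX_OF_PASSWORD" />
        </credentials>
      </forms>
    </authentication>

    <!-- Default for the site: everyone, including anonymous visitors, may browse -->
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>

  <!-- Selectively restrict one portion of the site (hypothetical "admin" folder) -->
  <location path="admin">
    <system.web>
      <authorization>
        <!-- Rules are evaluated top down and the first match wins:
             alice is allowed, every other user (anonymous included) is denied -->
        <allow users="alice" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

These settings are enforced only for requests that IIS hands to ASP.NET, so files in the restricted folder that IIS serves directly still need IIS or NTFS permissions.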
Security in ASP.NET is a two-layered process, as shown in Figure 19-1. All web requests are first handled by IIS. This gives IIS security a chance to accept or reject the request. If the request is accepted by IIS, it is then passed to ASP.NET, where it is again subjected to a security decision, and either accepted or rejected. The security systems of IIS and ASP.NET are completely independent of each other. They can be used either independently or in coordination, as will be described later in this chapter.