All you want to know about ASP.Net security in 3 pages

This week on the EDRA message board, there was a question about EDRA runtime user context. This made me research on asp.net and IIS security and after some research I posted the IdentityImpersonate handler. Johnatan Wanagel, one of the MS guys that works tight with EDRA, posted these very interesting links...

IIS & ASP.Net Pipeline processing
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetAP04.asp

IIS authentication settings, the resultant identity that is obtained from each of the variables that maintain an IPrincipal and/or IIdentity object.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetAP05.asp

The chapter that explains everything about impersonation, WindowsIdentity and ASP.NET Security Architecture in general
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch08.asp

Published: September 13 2004

blog comments powered by Disqus