Steps
to store cookies in ASP.NET
Check if the client
supports cookies by using the Browser object’s Cookies
property.
Check if the cookie already exists by using the
Request object’s Cookies collection.
Create a new cookie
object using the HttpCookie class, if not exist.
Set the
cookie object’s Value and Expiration properties.
Add the
cookie object to the Response object’s Cookies
collection.
Cookie
object’s Expires property to Now – to delete
Cookies
DllImport
attribute to declare unmanaged procedures for use
within .NET assemblies.
To hide public
.NET members from COM, use the ComVisible
attribute.
Mailto
protocol to create a message that will be sent from
the user’s mail system.
The Mailto
protocol is used as part of a hyperlink.
MailMessage
and SmtpMail classes are used to compose and
send messages from the server’s mail system.
Authentication
is the process of identifying users.
Authorization
is the process of granting access to authenticated users
based on identity.
Access
by anonymous users is the way most public web sites
work allows anyone to view info.
ASP.NET web
applications provide anonymous access by
impersonation.
Impersonation
is the process of assigning a user account to an unknown
user.
By default, the
anonymous access account is named
IUSER_machinename.
Ways
to authenticate and authorize users in
ASP.NET
Windows authentication
uses windows user list and privileges to identify and
authorize users.
Forms
authentication directs users to a logon web
form that collects user name and password information, and then
authenticates the user against a user list or database that the
application maintains.
Passport
authentication directs new users to a site
hosted by microsoft.
The
FormsAuthentication class is part of the
System.Web.Security namespace. Authenticate method of this class
checks the user name and password against the user list found in
the element of Web.config. RedirectFromLoginPage
method of this class displays the application’s start page. Use
the FormsAuthentication class to sign out when the user has
finished with the application.
Passport
authentication identifies users via Microsoft
Passport’s single sign-on service. The advantage of Passport
authentication is that the user doesn’t have to remember
separate user names and passwords for various web sites
IIS
supports ways of encrypting and decrypting Web requests and
responses.This cryptography requires that you
request an encryption key called a server certificate from an
independent third party called a certificate authority. The Secure
Sockets Layer (SSL) is the standard means of ensuring that data
sent over the internet can’t be read by others. When a user
requests a secure Web page, the server generates an encryption key
for the user’s session and then encrypts the page’s data before
sending a response. On the client side, the browser uses that same
encryption key to decrypt the requested web page and to encrypt
new requests sent from that
page.
