piątek, lutego 22, 2008

Bezpieczeństwo - ciąg dalszy:

  1. Kapitalny artykuł na temat zabezpieczenia SSL stron na IIS - http://weblogs.asp.net/scottgu/archive/2007/04/06/tip-trick-enabling-ssl-on-iis7-using-self-signed-certificates.aspx czytamy:

    A few last SSL related notes:

    • The IIS 7.0 admin tool has an "SSL Settings" node that you can select for each site, directory or file that allows you to control whether that particular resource (and by default its children) requires an SSL request in order to execute. This is useful for pages like a login.aspx page, where you want to guarantee that users can only enter their credentials when they are posting via an encrypted channel. If you configure the login.aspx page to require SSL, IIS 7.0 will block browsers from accessing it unless they are doing so over SSL.
    • Within an ASP.NET page or handler, you can programmatically check whether the current request is using SSL by checking the Request.IsSecure property (it will return "true" if the incoming browser request is over SSL).
    • You can set the "requireSSL" attribute on the <forms> configuration section within web.config files to have ASP.NET's forms-authentication system ensure that forms-authentication cookies are only set and used on SSL enabled pages and URLs. This avoids the risk of a hacker trying to intercept the authentication cookie on a non-SSL secured page, and then trying to use a "replay attack" from a different machine to impersonate a user.
  2. Zasoby książkowe oraz bezpłatny hosting na: http://aspnet.codeguru.pl/ksiazki.htm
  3. Strona MVP - Windows: http://www.visualwin.com/
  4. Jak to się robi strony w MVC pod .NET - http://weblogs.asp.net/scottgu/archive/2007/11/13/asp-net-mvc-framework-part-1.aspx
  5. LINQ dodawanie/usuwanie/aktualizacja tabel - http://weblogs.asp.net/scottgu/archive/2007/05/19/using-linq-to-sql-part-1.aspx a nawet:
  6. Jak to się robi - LINQ: http://weblogs.asp.net/scottgu/archive/2007/09/07/linq-to-sql-part-9-using-a-custom-linq-expression-with-the-lt-asp-linqdatasource-gt-control.aspx
  7. Jak wystartować w ASP - http://www.asp.net/get-started/
  8. Całkiem start w ASP:
    1. http://www.asp.net/
    2. http://msdn2.microsoft.com/en-us/asp.net/default.aspx
    3. http://joeon.net/post/2008/02/New-Live-From-Redmond-Webcasts-with-Visual-WebGui.aspx
    4. http://msdn2.microsoft.com/en-us/sqlserver/aa336346.aspx
    5. http://msdn2.microsoft.com/pl-pl/beginner/bb308760(en-us).aspx
    6. http://msdn2.microsoft.com/pl-pl/security/bb896640(en-us).aspx
    7. http://www.ajaxonomy.com/2008/security/ajax-security
    8. http://blogs.msdn.com/webdevtools/
    9. http://code.google.com/apis/accounts/docs/AuthForWebApps.html
Opracował w
Tagi: , , , , ,

Brak komentarzy:

Prześlij komentarz

Subskrybuj: Komentarze do posta (Atom)