ASP.NET 2.0 Security Reference Implementation Sample on GotDotNet
GotDotNet recently published a project called the ASP.NET Internet Security Reference Implementation.
For those wondering how to architect and implement secure ASP.NET 2.0 web applications, this is a sample that should not be missed.
"Extracted from Reference Implementation Walkthrough (GotDotNet)"
This solution architecture illustrates and implements security guidance as it applies to an Internet-facing ASP.NET 2.0 web application. The guidelines in this document are based upon “Security Guidelines: ASP.NET 2.0” and “Security Guidelines: .NET Framework 2.0”; however, they are specific to the Internet scenario and are placed within the context of a full sample application in a development environment. See “Scenario and Solution: Forms Auth to SQL, Roles in SQL” to view this guidance as it applies to the Internet, Forms Authentication scenario.
This solution architecture uses the Pet Shop 4 sample application as a baseline. Pet Shop 4 has been updated in order to represent a reference implementation for ASP.NET 2.0 security best practices. These implemented security best practices are commented in the code and described in detail below.
The site provides a code installer file (MSI) as well as a reference implementation walkthrough that discusses why certain decisions were made in the project.
Happy reading...