Language

Sign In|Join

///Chapter 7. Security

Security

Chapters

  1. 1. Getting Started
  2. 2. What is MVC?
  3. 3. Controllers and Routing
  4. 4. Views
  5. 5. Models (Data)
  6. 6. JavaScript
  7. 7. Security
  8. 8. Internationalization
  9. 9. Dependency Injection
  10. 10. Testing
  11. 11. Deployment
  12. 12. NuGet (Packages)

In this chapter, you'll learn:
How to use ASP.NET forms-based authentication or Windows authentication to help secure a site.

  1. Security

    This Pluralsight video provides an overview of security practices for an ASP.NET MVC application.

  2. Securing your ASP.NET MVC 4 App

    This blog post covers many important security considerations in ASP.NET MVC.

  3. XSRF/CSRF Prevention in ASP.NET MVC and Web Pages

    By Rick Anderson||Level 300 : Intermediate

    Cross-site request forgery (also known as XSRF or CSRF) is an attack against web-hosted applications whereby a malicious web site can influence the interaction between a client browser and a web si...

  4. OWASP Top 10 for .NET developers

    This series of blog posts by Troy Hunt describes the Open Web Application Security Project (OWASP) and covers the 10 most critical web application security risks.

  5. Deploy a Secure ASP.NET MVC application with OAuth, Membership and SQL Database

    This tutorial shows how to create and deploy a secure ASP.NET MVC 4 app using OAuth, the membership database with SQL data.

  6. Microsoft ASP.NET MVC Security with Haack and Hanselman

    This video analyzes XSS, CSRT, and JSON hijacking.

  7. Creating an Intranet Site

    This tutorial describes how to create an intranet application using ASP.NET MVC and how to secure it using Windows authentication and authorization.

  8. Using Forms Authentication

    This walkthrough shows you the functionality that is provided by default for ASP.NET forms authentication in an ASP.NET MVC application.

  9. Preventing Open Redirection Attacks (C#)

    By Jon Galloway|

    This tutorial explains how you can prevent open redirection attacks in your ASP.NET MVC applications. This tutorial discusses the changes that have been made in the AccountController in ASP.NET MVC...

  10. Windows Azure Active Directory

    This tutorial shows you how to enable authentication for web applications hosted on Windows Azure Web Sites using Windows Azure Active Directory .

  11. Securing your ASP.NET MVC 3 Application

    In this blog post, Rick Anderson describes some security pitfalls for MVC applications and how to avoid them.

  12. ASP.NET MVC Content Map

    See "Securing ASP.NET MVC applications" in the ASP.NET MVC Content Map.

  13. Security Extensibility in ASP.NET 4

    This whitepaper covers the major ways in which security features in ASP.NET 4 can be customized, including: Encryption options and functionality in the <machineKey> element, interoperability of ASP.NET 4 forms authentication tickets with ASP.NET 2.0, configuration options to relax automatic security checks on inbound URLs, pluggable request validation, and pluggable encoding for HTML elements, HTML attributes, HTTP headers, and URLs

  14. Using OAuth Providers with MVC

    By Tom FitzMacken|

    This tutorial shows you how to build an ASP.NET MVC 4 web application that enables users to log in with credentials from an external provider, such as Facebook, Twitter, Microsoft, or Google, and t...

ASP.NET MVC Books

Microsoft's Jon Galloway recommends these books for learning ASP.NET MVC:

Pro ASP.NET MVC 4

Pro ASP.NET MVC 4

by Adam Freeman

Professional ASP.NET MVC 4

Professional ASP.NET MVC 4

by Jon Galloway, Phil Haack, Brad Wilson, K. Scott Allen