Building Secure Microsoft ASP.NET Applications Pro Developer
Posted by aspnetnerd on 08 Oct 2008 at 09:42 am | Tagged as: Book

This title presents a scenario-based approach to designing and building secure applications that are based on ASP.NET technology. It identifies exactly where and how developers should perform authentication and authorization, and it demonstrates both how and when to use security techniques in establishing communication within and across the tiers of distributed Microsoft .NET Web applications. Above all, it imparts best practices for predictable results, based on proven techniques and insights gleaned from Microsoft product teams and the experience of Microsoft customers.
User Ratings and Reviews
4 Stars Worthy Purchase
I agree with most of the reviews on this page. Regardless of Microsoft’s current/past practices (which have absolutely nothing to do with the credibility of THIS book), it gives a good background on security in many situations. The parts I found most helpful were the ‘How To’s’ sections. There are good real world examples that are straight to the point and easy to comprehend. I code in C# w/SQL Server and all examples in this book use that combination; PERFECT FIT!
I would have bought this book just for the ‘How To’s’ on hashing passwords and implementing roles with IPrincipal.
4 Stars Wow. MS is certainly an unusual source of security info…
However, this is overall a good book on the subject.
While MS may not seem like the best source for security information, this really is a good book. Unlike the person ranting in another review, I personally don’t care whether Bill Gates and MS are good or evil, or whether the security initiative at MS is a hoax or an honest effort. I care if this book can help me create a better, more secure ASP.NET application. And in that it is a success.
4 stars rather than 5 because the book is a little dry, and not exactly a page turner. However, there are things in here (like the section on hashing passwords) that will really make a difference in the security of your application.
5 Stars Good Prescriptive Guidance
The Patterns and Practices Series represents the bridge between known best practices and applications. Busy application developers are frequently tasked with building complex and secure systems, and at the same time, are required to operate with limited resources and time. This series, and ASP.NET Security specifically, give good prescriptive guidance for a large number of common application scenarios. The how-to sections are exceedingly valuable. Check out other books in this series and you will find lots of good guidance to jump start development on the MS platform.