Configuring and Deploying Web Applications Lesson 7.

Slides:

Advertisements

Similar presentations

Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.

Advertisements

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

ASP Tutorial. What is ASP? ASP (Active Server Pages) is a Microsoft technology that enables you to make dynamic and interactive web pages. –ASP usually.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

Authenticating Users in an ASP.NET Application. Web Site Administration Tool From VS 2008, click Website/ ASP.Net Configuration to open Web Site Administration.

ASP.NET Reuven Abliyev Elyahu Sivaks Ariel Daliot.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

Module 6 Windows 2000 Professional 6.1 Installation 6.2 Administration/User Interface 6.3 User Accounts 6.4 Managing the File System 6.5 Services.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

Hands-On Microsoft Windows Server Connecting Through Terminal Services Terminal server – Enables clients to run services and software applications.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

HTML Comprehensive Concepts and Techniques Intro Project Introduction to HTML.

CONFIGURING WINDOWS SERVER MIS 424 Professor Sandvig.

Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd

Windows Server MIS 424 Professor Sandvig. Overview Role of servers Performance Requirements Server Hardware Software Windows Server IIS.

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.

Configuring a Web Server. Overview Overview of IIS Preparing for an IIS Installation Installing IIS Configuring a Web Site Administering IIS Troubleshooting.

Deployment of web Site. Preparing the web site for deployment you now have two versions of web site 1 -one running in the production environment 2-one.

Session 11: Security with ASP.NET

Microsoft Azure Introduction ISYS 512. Microsoft Azure Microsoft Azure is a cloud.

Forms Authentication, Users, Roles, Membership Svetlin Nakov Telerik Corporation

Tutorial 10 Adding Spry Elements and Database Functionality Dreamweaver CS3 Tutorial 101.

XHTML Introductory1 Linking and Publishing Basic Web Pages Chapter 3.

CIM6400 CTNW (04/05) 1 CIM6400 CTNW Lesson 6 – More on Windows 2000.

Copyright 2000 eMation SECURITY - Controlling Data Access with

ASP.NET Web Application and Development Digital Media Department Unit Credit Value : 4 Essential Learning time : 120 hours Digital.

Tutorial 121 Creating a New Web Forms Page You will find that creating Web Forms is similar to creating traditional Windows applications in Visual Basic.

Course ILT Internet/intranet support Unit objectives Use the Internet Information Services snap-in to manage IIS, Web sites, virtual directories, and WebDAV.

© FPT SOFTWARE – TRAINING MATERIAL – Internal use 04e-BM/NS/HDCV/FSOFT v2/3 Securing a Microsoft ASP.NET Web Application.

1 Web services and security ---discuss different ways to enforce security Presenter: Han, Xue.

DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.

DEV325 Deploying Visual Studio.NET Applications Billy Hollis Author / Consultant.

Microsoft SharePoint Server 2010 for the Microsoft ASP.NET Developer Yaroslav Pentsarskyy

Module 5 Configuring Authentication. Module Overview Lesson 1: Understanding Classic SharePoint Authentication Providers Lesson 2: Understanding Federated.

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Four Windows Server 2008 Remote Desktop Services,

HOW SHAREPOINT WORKS By Gary Newman. Root Folder Virtual Directories SP Farm DNS Iterative Forward DNS query for A host record HTTP request HTML & JS.

Module 4 : Installation Jong S. Bok

Dr. Mustafa Cem Kasapbaşı Security in ASP.NET. Determining Security Requirements Restricted File Types.

SECURITY ISSUES. Introduction The.NET Framework includes a comprehensive set of security tools –Low-level classes and an overall framework –Managing code.

1 After completing this lesson, you will be able to: Transfer your files to the Internet. Choose a method for posting your Web pages. Use Microsoft’s My.

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Five Windows Server 2008 Remote Desktop Services,

Hands-On Microsoft Windows Server Implementing Microsoft Internet Information Services Microsoft Internet Information Services (IIS) –Software included.

Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 13 FTP and Telnet.

Module 11: Securing a Microsoft ASP.NET Web Application.

Slide 1 ASP Authentication There are basically three authentication modes Windows Passport Forms There are others through WCF You choose an authentication.

BIT 285: ( Web) Application Programming Lecture 15: Tuesday, February 24, 2015 Microsoft Azure Instructor: Craig Duckett.

Module 2: Using Microsoft Visual Studio.NET. Overview Overview of Visual Studio.NET Creating an ASP.NET Web Application Project.

Working with Users and Groups Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Introducing User Account Control Configure and troubleshoot.

MEMBERSHIP AND IDENTITY Active server pages (ASP.NET) 1 Chapter-4.

Web Access. Overview  Purpose  Prerequisites  Install Components  Enable Virtual Directories  IIS Configuration & Security  Troubleshooting.

IIS and.Net security -Vasudha Bhat. What is IIS? Why do we need IIS? Internet Information Services (IIS) is a Web server, its primary job is to accept.

Page 1 Printing & Terminal Services Lecture 8 Hassan Shuja 11/16/2004.

1 Chapter Overview Creating Web Sites and FTP Sites Creating Virtual Directories Managing Site Security Troubleshooting IIS.

Security E-Learning Chapter 08. Security Control access to your web site –3 Techinques for Identifying users Giving users access to your site Securing.

WEB SERVER SOFTWARE FEATURE SETS

Personalizing Web Sites Nasrullah. Understanding Profile The ASP.NET application service that enables you to store and retrieve information about users.

IBM Express Runtime Quick Start Workshop © 2007 IBM Corporation Deploying a Solution.

Hands-On Microsoft Windows Server Implementing User Profiles A local user profile is automatically created at the local computer when you log on.

Reliability and Performance

Unit 7 Learning Objectives

ASP .NET MVC Authorization Training Videos

Jim Fawcett CSE686 – Internet Programming Summer 2005

Jon Galloway | Tech Evangelist Christopher Harrison | Head Geek

Created by : Asst. Prof. Ashish Shah

Configuring Internet-related services

Security - Forms Authentication

Presentation transcript:

Configuring and Deploying Web Applications Lesson 7

Objectives

Authentication and Authorization When logging in to an ordinary PC, a user submits a username and password. This process of identifying the user is called authentication. The process of deciding what resources the user has rights to is called authorization. Authentication and authorization are the techniques used for connecting the right users to the right information.

ASP.NET and Authentication A SP.NET has several methods available for authentication, which can be set in the web.config file. The mode attribute of the element specifies how ASP.NET is going to handle the identification of the user. “Passport”, also known as Windows Live ID authentication, uses your Web pages to redirect users to a Microsoft Web site for login and then direct them back to your site with the information needed for controlling access. –In order for your visitors to log in, they must be members of Windows Live. “

Windows Authentication Windows” authentication is implemented using Microsoft Internet Information Services (IIS), which handles all of your HTTP requests. In order for your visitors to log in, they must have Windows accounts recognized by the server. This works well for intranets but is usually not practical for Internet applications.

Forms Authentication Forms authentication assigns most of the responsibility to the developer. IIS allows anonymous users to use the pages. Login pages can be written to authenticate users if desired.

Forms Authentication With forms authentication, the developer decides where the usernames and IDs are stored. The developer must also define the structure of the data. Databases, XML files, or even the web.config file are commonly used for storing these data. –This is commonly used for small applications because the file is already being used by ASP.NET. –For handling a large set of names that changes often, an XML file or database is the best choice.

Forms Authentication When using the forms mode, the element may be used within the tags. The element has many attributes that can be used to customize forms authentication. The element contains the element, which is used to manage usernames and passwords. The element is where we can finally list our usernames and passwords by filling it with elements.

Securing a Web Site Securing a Web site can be done using the following three steps: –1. Set the element in the web.config file. –2. Set the element in the web.config file. –3. Create a login page.

Design View Showing the Login.apsx Form

Impersonation Impersonation is used when ASP.NET and Internet Information Services (IIS), formerly called Internet Information Server, control the user authorization for a Web site. IIS is a group of network servers, such as Web, HTTP, and FTP, working together to support network applications.

Impersonation To change impersonation manually in the web.config file, we set the impersonate attribute of the element. For all users, we would enter. For a specific user we would add the userName and password attributes,.

Projects and Solutions As the name implies, the Web application project is an application, not a Web site. It is designed to run on the local computer using a Web interface. Although we have been running the applications in the same way that the Web application project is designed to run, the files used for our Web site, or “Web solution,” are designed to be deployed on a server using IIS for remote users to run over a network.

Local Assembly and Shared Assembly A local assembly is referenced only by a single application while a shared assembly (GAC) is referenced by many applications. If a change is made to a local assembly, it only affects a single application, while a change to a shared assembly can cause many applications to change behavior. This means we have to be much more careful about controlling shared assemblies.

AppSettings in Web.config The element is a special storage area of the web.config file for holding additional data and for supplementing settings. The element can be used as a tool for many creative tasks. The element is also used to allow web.config changes while the page is online without having to perform a restart.

IIS Installation and Configuration By default, IIS uses the C:\Inetpub folder to store Web sites.

Deploying Web Site Applications If your existing environment is based on simple HTML using Notepad, you will be deploying your site by copying your files to a host that may or may not be supported by Microsoft. For comprehensive IDEs like DreamWeaver or Visual Studio, the best choices for deployment are the built-in tools offered by these environments.

MSI Deployment Windows Installer (MSI), formerly known as Microsoft Installer, is the preferred method for deploying Web applications. Since Web applications are run on the desktop, they are deployed in a similar manner and MSI is used to create a setup file.

Application Pools Application pools is a new security feature of IIS 6.0 that allows you to isolate multiple Web applications that are running on the same computer. Application pools increase the security and reliability of ASP.NET Web applications.

Summary Reading and writing XML dataConfigure authentication, authorization, and impersonation. Understanding Web application projects, Web solutions, and assemblies. Configuring in Web.config. Understand IIS installation and configuration. Choosing a method to publish a Web site application based on the existing or intended environment. Understanding MSI deployment. Understanding the purpose of application pools and their effects on Web applications.