This section provides a series of reference links to articles, support roadmaps, and technology hubs that relate to the core areas covered by Building Secure ASP.NET Applications. Use this section to help locate additional background reading and useful articles. This section has a consolidated set of pointers for the following:
MSDN articles and hubs from MSDN (http://msdn.microsoft.com/)
Knowledge Base articles and roadmaps for support (http://support.microsoft.com/)
Articles and hubs from Microsoft.com (http://www.microsoft.com/)
Seminars from Microsoft Online Seminars (http://www.microsoft.com/seminar/)
Support WebCasts (http://support.microsoft.com/default.aspx?scid=/webcasts)
How To articles on MSDN (http://msdn.microsoft.com/howto/)
For security specific How Tos, see http://msdn.microsoft.com/howto/security.asp.
Articles and resources on GotDotNet (http://www.gotdotnet.com/)
You can search the Microsoft Knowledge Base from two locations:
Directly from Microsoft’s Support site (http://support.microsoft.com/)
Indirectly from MSDN’s search facility (http://msdn.microsoft.com/)
When you search the Knowledge Base, you can supplement your search with keywords to help refine the articles that appear as a result of your search.
The following example uses the support search site, but similar concepts apply when searching from MSDN.
▸ To search the Knowledge Base, from http://support.microsoft.com
In the Search the Knowledge Base box, select All Microsoft Search Topics (the default selection).
In the For solutions containing (optional) box, type your search criteria. You can use a combination of Knowledge Base keywords and search criteria.
The following list shows some example Knowledge Base keywords:
kbAspNet. –Returns ASP.NET articles.
kbAspNet kbSecurity. –Returns ASP.NET articles that discuss security issues.
kbAspNet impersonation. –Returns ASP.NET articles that discuss impersonation. Note that impersonation is not a keyword; it is simply an additional search criterion, which helps to refine the search.
To make sure the search includes all of the words you enter, click All of the words entered in the Using field.
To limit the age of articles returned from the search, select a value from the Maximum Age field.
To show more search results than the default 25, enter a value into the Results Limit field.
You may find the following Knowledge Base keywords helpful:
Security: kbSecurity
Roadmaps: kbArtTypeRoadmap
How Tos: kbHowToMaster
You can use the preceding keywords in conjunction with the following technology and product keywords:
ADO.NET: kbAdoNet
ASP.NET: kbAspNet
Enterprise Services: kbEntServNETFRAME
Web Services: kbWebServices
Remoting: kbRemoting
MSDN: .NET Security Hub: http://msdn.microsoft.com/library/default.asp?url=/nhp/Default.asp?contentid=28001369
GotDotNet: .NET Security: http://www.gotdotnet.com/team/clr/about_security.aspx
Microsoft.com: Active Directory information: http://www.microsoft.com/ad/
MSDN Active Directory information: http://msdn.microsoft.com/library/default.asp?url=/nhp/Default.asp?contentid=28000413
Transitive trust is always available between domains in the same forest. Only "external trusts," which are not transitive, are available in separate forests in Windows 2000.
Active Directory installations in perimeter networks (also known as DMZ, demilitarized zones, and screened subnets) should always be in a separate forest, not just a separate domain. The forest is the security boundary. This concept is illustrated in Chapter 6.
If you need more than 5,000 members in a group then you need either .NET Server (which supports direct group membership of arbitrary sizes) or nested groups. The Commerce Server 2000 Software Development Kit (SDK) uses nested groups. However, the SDK is not required.
Active Directory Extranet Adoption Fueled by Internet Scalability and Rapid Return on Investment: http://www.microsoft.com/PressPass/press/2002/May02/05-08ADMomentumPR.asp
Netegrity SiteMinder 4.61 with Microsoft Active Directory AuthMark Performance: http://www.mindcraft.com/whitepapers/sm461ad/sm461ad.html
INFO: Roadmap for Using ADO in .NET: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q308044
INFO: Roadmap for ADO.NET DataSet Objects and XML Web Services (Q313648): http://support.microsoft.com/default.aspx?scid=kb;en-us;Q313648
Advanced ADO.NET Online Seminars: http://www.microsoft.com/seminar/
MSDN : ASP.NET Developer Center: http://msdn.microsoft.com/library/default.asp?url=/nhp/default.asp?contentid=28000440
Support: ASP.NET Support Center: http://support.microsoft.com/default.aspx?scid=fh;EN-US;aspnet
INFO: ASP.NET Roadmap: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q305140
INFO: ASP.NET Security Overview: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q306590
INFO: ASP.NET HTTP Modules and HTTP Handlers Overview: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q307985
INFO: ASP.NET Configuration Overview: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q307626
The following keywords help retrieve ASP.NET articles:
Show ASP.NET articles: kbAspNet
Show ASP.NET articles related to security: kbAspNet kbSecurity
Managed Security Context in ASP.NET: http://msdn.microsoft.com/library/default.asp?url=/nhp/Default.asp?contentid=28000440
HOW TO: Implement Forms-Based Authentication in Your ASP.NET Application by Using C# .NET: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q301240
HOW TO: Secure ASP.NET Application Using Client-Side Certificate: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q315588
HOW TO: Secure an ASP.NET Application by Using Windows Security: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q315736
HOW TO: Implement Role-Based Security in ASP.NET App by Using C#: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q311495
HOW TO: Create Keys with VB .NET for Use in Forms Authentication: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q313091
HOW TO: Create Keys w/ C# .NET for Use in Forms Authentication: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q312906
HOW TO: Control Authorization Permissions in ASP.NET Application: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q316871
HOW TO: Authenticate Against the Active Directory by Using Forms: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q316748
HOW TO: Implement Role-Based Security with Forms-Based Authentication in Your ASP.NET Application by Using Visual Basic .NET: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q306238
For more ASP.NET related How Tos, you can search using the following KB keywords:
kbAspNet
kbHowToMaster
Support WebCast: Microsoft ASP.NET Security: http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com/servicedesks/webcasts/wc112001/wcblurb112001.asp
HOW TO: Search for Enterprise Services in the Knowledge Base and MSDN: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q316816
HOWTO: Search for COM+ Knowledge Base Articles: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q252318
INFO: Roadmap for .NET Enterprise Services: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q308672
Serviced Component Overview: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconservicedcomponentoverview.asp
COM+ Integration: How .NET Enterprise Services Can Help You Build Distributed Applications: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnmag01/html/complus0110.asp
Understanding Enterprise Services (COM+) in .NET: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndotnet/html/entserv.asp
Q305683–BETA-HOWTO: Create a Simple Serviced Component that Uses Transactions in C#: http://kbtools/PreviewWEB/PreviewQ.asp?Q=305683
Q305679–HOWTO: Sign Your Assembly with a Strong Name Using SN.EXE: http://kbtools/PreviewWEB/PreviewQ.asp?Q=305679
Enterprise Services FAQ: http://www.gotdotnet.com/team/xmlentsvcs/
Support WebCast: Microsoft COM+ and the Microsoft .NET Framework: http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com/servicedesks/webcasts/wc032202/wcblurb032202.asp
Support WebCast: COM Threading and Application Architecture in COM+ Applications: http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com/servicedesks/webcasts/wc051801/wcblurb051801.asp
Microsoft.com: IIS : http://www.microsoft.com/iis/
Support: IIS 5 Support Center: IIS http://support.microsoft.com/default.aspx?scid=fh;EN-US;iis50
An Introduction to Microsoft .NET Remoting Framework: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndotnet/html/introremoting.asp?frame=true
Microsoft .NET Remoting: A Technical Overview: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndotnet/html/hawkremoting.asp
Remoting Basic and Advanced samples: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpsamples/html/remoting.asp
IPrincipal remoting sample: http://staff.develop.com/woodring/dotnet/#remprincipal
Develop Distributed Applications using Microsoft .NET Remoting: http://www.microsoft.com/Seminar/Includes/Seminar.asp?Url=/Seminar/en/Developers/20020531devt1-54/Portal.xml
Support WebCast: Microsoft .NET Framework: .NET Remoting Essentials http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com/servicedesks/webcasts/wc040402/wcblurb040402.asp
MSDN: SQL Server: http://msdn.microsoft.com/library/default.asp?url=/nhp/Default.asp?contentid=28000409
Support: SQL Server Support Center: http://support.microsoft.com/default.aspx?scid=fh;EN-US;sql
Microsoft SQL Server 2000: How to Configure SSL Encryption http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com/servicedesks/webcasts/wc042302/wcblurb042302.asp
Support: Visual Studio .NET Support Center: http://support.microsoft.com/default.aspx?scid=fh;EN-US;vsnet
HOW TO: Use the Key Productivity Features in Visual Studio .NET: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q318205
MSDN.Microsoft.Com: Web Services: http://msdn.microsoft.com/library/default.asp?url=/nhp/Default.asp?contentid=28000442
INFO: Roadmap for ADO.NET DataSet Objects and XML Web Services (Q313648): http://support.microsoft.com/default.aspx?scid=kb;en-us;Q313648
INFO: Roadmap for XML Serialization in the .NET Framework: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q314150
INFO: Roadmap for XML in the .NET Framework: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q313651
XML Web Services Technology Map: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndotnet/html/Techmap_websvcs.asp?frame=true
House of Web Services: http://msdn.microsoft.com/msdnmag/issues/01/11/webserv/webserv0111.asp ; http://msdn.microsoft.com/msdnmag/issues/02/02/WebServ/WebServ0202.asp
HOW TO: Secure XML Web Services with SSL in Windows 2000: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q307267
Support WebCast: Microsoft ASP.NET: Advanced XML Web Services Using ASP.NET: http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com/servicedesks/webcasts/wc032802/wcblurb032802.asp
Support WebCast: Microsoft .NET: Introduction to Web Services: http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com/servicedesks/webcasts/wc012902/wcblurb012902.asp
Search Online Seminars at http://www.microsoft.com/seminar/ for:
Microsoft.com: Windows 2000 : http://www.microsoft.com/windows2000/default.asp
Support.Microsoft.Com: Windows 2000 Support Center: http://support.microsoft.com/default.aspx?scid=fh;EN-US;win2000
MSDN.Microsoft.Com: http://msdn.microsoft.com/library/default.asp?url=/nhp/Default.asp?contentid=28000458
TechNet.Microsoft.Com: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/Default.asp