Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication

Retired Content

This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.


patterns & practices Developer Center

Glossary

J.D. Meier, Alex Mackman, Michael Dunner, and Srinath Vasireddy
Microsoft Corporation

Published: November 2002

Last Revised: January 2006

See the patterns & practices Security Guidance for Applications Index (https://msdn.microsoft.com/en-us/library/ms998408.aspx) for links to additional security resources.

See the Landing Page for the starting point and a complete overview of Building Secure ASP.NET Applications.

A

access control entry (ACE)

An access control entry (ACE) identifies a specific user or user group within an access control list and specifies the access rights for the user or user group. An individual ACE may explicitly deny or permit rights.

access control list (ACL)

An access control list (ACL) is an ordered list of access control entries (ACEs) attached to a securable object. The Windows operating system uses two types of ACL: a discretionary access control list (DACL), used to specify the access rights of a user or user group, and a system access control list (SACL), used to determine when specific types of access should generate audit messages.

access right

An access right is an attribute of an access token that determines the type of operation that a particular Windows group or user can perform on a secured object. Example access rights include read, write, delete, execute, and so on.

access token

An access token is a data structure attached to every Windows process. It maintains security context information for the process, which includes a user SID identifying the principal whom the logon session represents, and authorization attributes including the user's group SIDs and privileges.

Every access token is associated with exactly one logon session, while a logon session may contain multiple access tokens: one for each process started within the logon session and, optionally, additional thread tokens attached to individual threads.

account

An account is an entry in the security database that maintains the security attributes of an individual principal. The security database may either be the SAM database or Active Directory.

Accounts may either be domain accounts or local accounts.

Active Directory

Active Directory is the LDAP directory service used by the Windows operating system.

anonymous authentication

Anonymous authentication is a form of IIS authentication in which IIS makes no attempt to prove the identity of its clients. Anonymous authentication is akin to no authentication. It is often used in conjunction with ASP.NET Forms authentication, which uses an HTML form to capture the client's credentials.

application server

An application server is a dedicated server computer, separate from a front-end Web server. The application server typically hosts Web services, remote components, and/or Enterprise Services applications that contain the majority of an application's business logic.

application pool

When you run IIS 6.0 in worker process isolation mode, you can group Web applications into application pools. An application pool is a grouping of URLs routed to one or more worker processes that share the same configuration. Application pools allow you to apply specific configuration settings to groups of applications and the worker processes servicing those applications. Any Web site, Web directory, or virtual directory can be assigned to an application pool.

asymmetric encryption

See public-private key encryption.

authentication

Authentication is the process of proving identity. For example, when you log on to Windows, the operating system authenticates you by requesting your credentials: a user name and password. When a process (a type of principal) acting on your behalf connects to a remote computer, it uses a cached set of credentials to answer network authentication requests.

authority

An authority is a trusted entity (organization or computer) that is used to provide authentication services.

authorization

Authorization is the process of determining whether or not an authenticated identity is allowed to access a requested resource or perform a requested operation.

B

Base 64 encoding

Base 64 encoding is a well-defined method for rendering binary data as printable ASCII text, suitable for use with text-based protocols such as HTTP. It is not encryption.

Basic authentication

Basic authentication is part of the HTTP 1.0 protocol. It is widely used because it is implemented by virtually all Web servers and Web browsers. Basic authentication is a simple authentication mechanism that does not involve cryptography or challenge/response handshaking. Instead, a principal's credentials (user name and password) are passed directly from client to server. Basic authentication is insecure unless combined with SSL, because the password is not encrypted before it is passed across the network. It is transmitted using Base 64 encoding, so the clear text password is easily obtainable.

C

certificate

A certificate is a digitally signed data structure that contains information about a subject (person or application) and the subject's public key. Certificates are issued by trusted organizations called certification authorities (CAs) after the CA has verified the identity of the subject.

certificate authentication

Certificate authentication is a form of IIS authentication in which IIS accepts client-certificates used to prove the client's identity. Using this form of authentication, IIS can optionally map a client certificate to a Windows user account by using an internal mapping table or Active Directory.

certificate revocation list (CRL)

A CRL is a document that is maintained and published by a certification authority (CA) that lists certificates issued by the CA that are no longer valid.

certificate store

A certificate store is a storage location for certificates, certificate revocation lists (CRLs) and certificate trust lists (CTL).

certification authority (CA)

A CA is a trusted organization or entity that issues certificates.

cipher

Cipher is a cryptographic algorithm used to encrypt data.

cipher text

Cipher text is data that has been encrypted.

clear text

Clear text is data that has not been encrypted.

client certificate

A client certificate is a certificate used by clients to provide positive identification of their identity to server applications.

code access security

Code access security is a form of .NET security that is used to control the access that code has to protected resources.

confidentiality

See privacy.

constrained delegation

Windows Server 2003 introduces constrained delegation. This allows domain administrators to specify exactly which services an account can access on a downstream server or a domain when using an impersonated user's security context.

credentials

Credentials are the set of items that a principal uses to prove its identity. A user name and password are a common example of a set of credentials.

cryptography

Cryptography is the art and science of information security. It encompasses confidentiality, integrity, and authentication.

D

declarative authorization

Declarative authorization is a form of authorization applied through the use of attributes. For example, .NET provides the PrincipalPermissionAttribute class which can be used to annotate methods to provide declarative authorization.

For example, the following declarative authorization ensures that the method DoPrivMethod can only be executed by members of the Manager or Teller role.

// Requires: using System.Security.Permissions;
// Two Demand attributes on one method are combined as a union, so the caller
// needs membership in either role, not both.
[PrincipalPermissionAttribute(SecurityAction.Demand, Role="Teller"),
 PrincipalPermissionAttribute(SecurityAction.Demand, Role="Manager")]
public void DoPrivMethod()
{
}

delegation

Delegation is an extended form of impersonation that allows a server process that is performing work on behalf of a client to access resources on a remote computer. This capability is natively provided by Kerberos on Windows 2000 and later operating systems. Conventional impersonation (for example, that provided by NTLM) allows only a single network hop. When NTLM impersonation is used, the one hop is used between the client and server computers, restricting the server to local resource access while impersonating.

DES (data encryption standard)

DES is a block cipher that encrypts data in 64-bit blocks. DES is a symmetric algorithm that uses the same algorithm and key for encryption and decryption. DES has been superseded by triple DES.

dictionary attack

A dictionary attack is a brute-force attack in which the attacker tries every possible secret key to decrypt encrypted data. You can mitigate against this form of attack by using a salt value in conjunction with encrypted (or hashed) data.

Digest authentication

Digest authentication is defined by the HTTP 1.1 protocol although it is not widely used. With this form of authentication a clear text password is not passed across the network. A password hash or digest is passed instead. While more secure than Basic authentication, it requires Internet Explorer 5.0 or later on the client, and a Windows 2000 computer running IIS 5.0 with Active Directory on the server.

digital signature

A digital signature is used for message authentication (to ensure the validity of the sender of the message) and also for message integrity (to ensure that data is not modified while in transit). Signing data does not alter it; it simply generates a digital signature string, which is transmitted with the data.

Digital signatures are created using public-key signature algorithms such as the RSA public-key cipher.
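The sign-then-verify flow described in this entry, as an added example that is not part of the original guide. It assumes .NET Framework 4.6 or later (for RSACng and the RSASignaturePadding overloads) and uses a freshly generated key pair and a constructed message; a real application would load the signer's key from a key store or certificate. The verifier is given only the public half of the key pair, and flipping one bit of the signed data is enough to make verification fail:

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example (not from the original guide): sign a message with an RSA
// private key, verify it with the matching public key, and show that any change
// to the data after signing is detected.
public static class SignatureDemo
{
    public static void Main()
    {
        // Constructed message; in practice this is the payload being transmitted.
        byte[] message = Encoding.UTF8.GetBytes("Transfer 100 to account 42");

        // RSACng generates a new 2048-bit key pair; only this object holds the private key.
        using (RSACng signer = new RSACng(2048))
        {
            // SignData hashes the message with SHA-256 and signs the digest, so only
            // the fixed-length hash, not the whole message, is processed by the private key.
            byte[] signature = signer.SignData(message, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

            // The verifier imports only the public parameters (includePrivateParameters: false).
            using (RSACng verifier = new RSACng())
            {
                verifier.ImportParameters(signer.ExportParameters(false));

                bool originalOk = verifier.VerifyData(message, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
                Console.WriteLine("Original verifies: {0}", originalOk);   // True

                // Flip one bit of the amount; the recomputed digest no longer matches the signed one.
                byte[] tampered = (byte[])message.Clone();
                tampered[9] ^= 0x01;
                bool tamperedOk = verifier.VerifyData(tampered, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
                Console.WriteLine("Tampered verifies: {0}", tamperedOk);   // False
            }
        }
    }
}
```

The signature is computed over the SHA-256 digest rather than the message itself, which is the point made under "hash" below: a fixed-length digest stands in for an arbitrarily large message, and the public key alone is enough to check it.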

digest

See hash.

discretionary access control list (DACL)

A DACL is associated with a securable object (using a security descriptor) and specifies the set of access rights granted to users and groups of users. The DACL is controlled by the owner of an object and it consists of an ordered list of access control entries (ACEs) that determine the types of operation a user or user group can perform against the object.

domain accounts

A domain account is a Windows user or group account centrally maintained and administered in a domain controller's SAM database or in Active Directory.

DPAPI (data protection API)

DPAPI is a Win32 API available on Windows 2000 and later operating systems used to encrypt and decrypt data. DPAPI passes the key management issue associated with encryption techniques to the operating system, as it uses Windows account passwords to generate encryption keys.

E

EFS (encrypting file system)

The encrypting file system (EFS) is provided by Windows 2000 and later operating systems, to provide file-encryption capabilities on an NTFS volume.

encryption

Encryption is the process of converting data (plain text) into something that appears to be random and meaningless (cipher text), which is difficult to decode without a secret key. Encryption is used to provide message confidentiality.

entropy

Entropy is a measure of uncertainty. It is used in association with some encryption technologies to introduce a degree of randomness into the encryption process. An entropy value used in addition to a key to encrypt data must also be used to decrypt data.
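The DPAPI and entropy entries together describe a key that the operating system manages plus an optional secret supplied by the caller. The following added example (not code from the original guide) shows both through the .NET ProtectedData wrapper over DPAPI. It assumes .NET Framework 2.0 or later on Windows, a reference to System.Security.dll, and uses a constructed entropy constant and a constructed connection string; in a real application the entropy value would itself be kept out of source code.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example (not from the original guide): DPAPI via ProtectedData.
// The encryption key is derived by Windows from the account's credentials, so the
// application never handles it; the optional entropy is an extra secret that must
// be presented again to decrypt.
public static class DpapiDemo
{
    // Constructed entropy value for illustration only.
    private static readonly byte[] Entropy = Encoding.UTF8.GetBytes("example-entropy-value");

    public static byte[] Protect(string secret)
    {
        // CurrentUser scope: only processes running under the same Windows account can decrypt.
        // DataProtectionScope.LocalMachine lets any account on the same machine decrypt.
        return ProtectedData.Protect(Encoding.UTF8.GetBytes(secret), Entropy, DataProtectionScope.CurrentUser);
    }

    public static string Unprotect(byte[] blob, byte[] entropy)
    {
        return Encoding.UTF8.GetString(ProtectedData.Unprotect(blob, entropy, DataProtectionScope.CurrentUser));
    }

    public static void Main()
    {
        // Constructed connection string standing in for the kind of secret DPAPI is used to store.
        byte[] blob = Protect("Server=db01;Database=Orders;User Id=app;Password=example");
        Console.WriteLine("Round trip: {0}", Unprotect(blob, Entropy));

        try
        {
            // Same account, same blob, different entropy: DPAPI refuses to decrypt.
            Unprotect(blob, Encoding.UTF8.GetBytes("some-other-value"));
            Console.WriteLine("Unexpected: decryption succeeded with the wrong entropy.");
        }
        catch (CryptographicException)
        {
            Console.WriteLine("Decryption with the wrong entropy failed, as expected.");
        }
    }
}
```

The scope choice matters for ASP.NET: data protected under CurrentUser by the worker process account can only be recovered by a process running as that same account, which is usually what you want for secrets owned by one application.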

F

fixed principal impersonation

Fixed principal impersonation is a form of impersonation used by ASP.NET in which the impersonated identity remains constant regardless of the authenticated caller's identity. Usually, the impersonated identity is determined by the identity of the caller. Fixed principal impersonation is enabled by setting the impersonate attribute of the <identity> element in web.config to true, and the identity to impersonate is specified by using the userName and password attributes of the same element. An example follows.

<identity impersonate="true" userName="Bob" password="password" />

Forms authentication

Forms authentication is a type of authentication supported by ASP.NET that requires users to log on by supplying logon credentials through an HTML form.

G

gatekeeper

A gatekeeper is a technology or subsystem used to provide access control. Example gatekeepers include IIS, the ASP.NET UrlAuthorizationModule, and the ASP.NET FileAuthorizationModule.

GenericIdentity

GenericIdentity is an implementation of the IIdentity interface, used by ASP.NET in conjunction with Forms, Passport (and sometimes custom) authentication mechanisms. The GenericPrincipal object contains a GenericIdentity object.

GenericPrincipal

GenericPrincipal is an implementation of the IPrincipal interface, used by ASP.NET in conjunction with Forms and Passport (and possibly custom) authentication mechanisms. It contains the list of roles (retrieved by the application from a custom data store) that the user belongs to.

The GenericPrincipal object is attached to the context of Web requests and is used for authorization. It contains a GenericIdentity object.

H

hash

A hash is a fixed length numeric value that uniquely identifies data. Hash values are useful to verify the integrity of data sent through insecure channels. The hash value of received data can be compared to the hash value of data as it was sent to determine if the data was altered.

Hash values are also used with digital signatures. Because a small hash value can represent a much larger amount of data, only the hash of a message needs to be signed, rather than the entire message data.

HTTP context

HTTP context is the context or property collection associated with (and describing) the current Web request.

HTTP module

An HTTP module is a module used by ASP.NET to process Web requests. An HTTP module is an assembly that implements the IHttpModule interface and handles events. ASP.NET uses a series of built-in modules such as authentication modules, the session state module and the global cache module. Custom HTTP modules can be developed and plugged into the ASP.NET HTTP processing pipeline.

HTTP handler

ASP.NET maps HTTP requests to HTTP handlers. ASP.NET maps individual URLs or groups of URL extensions to specific HTTP handlers. HTTP handlers are functionally equivalent to ISAPI extensions but with a much simpler programming model. An HTTP handler is an assembly that implements the IHttpHandler and IHttpAsyncHandler interfaces.

I

identity

Identity refers to a characteristic of a user or service that can uniquely identify it. For example, this is often a display name, which often takes the form "authority/username".

imperative authorization

Imperative authorization is a form of authorization applied within method code. For example, .NET provides the PrincipalPermission class, which can be used to provide imperative authorization as shown in the code that follows. The code demands that the caller belong to the Teller role. If the caller doesn't belong to this role, a security exception is generated and the privileged code (the code that follows the Demand method call) is not executed.

// Requires: using System.Security.Permissions;
public void UsePrivilege()
{
  // null name: any authenticated caller, provided it is in the Teller role
  PrincipalPermission permCheck = new PrincipalPermission(null, "Teller");
  permCheck.Demand();   // throws SecurityException if the demand is not satisfied
  // privileged code
}
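The declarative and imperative entries show the same role check in two forms but not the principal it is evaluated against. The following added example (not code from the original guide) runs both forms against a GenericPrincipal and GenericIdentity attached to the current thread, the objects the GenericPrincipal entry describes ASP.NET attaching for Forms authentication. It assumes .NET Framework 3.5 or later (declarative demands are not enforced on .NET Core); the user names and roles are constructed.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

// Added example (not from the original guide): the same "Teller" requirement
// expressed declaratively and imperatively, exercised with two constructed
// principals, one that holds the role and one that does not.
public class TellerOperations
{
    // Declarative: the runtime performs the demand before the method body runs.
    [PrincipalPermission(SecurityAction.Demand, Role = "Teller")]
    public void DeclarativeWithdraw()
    {
        Console.WriteLine("  declarative check passed");
    }

    // Imperative: the demand is an explicit call, so it can be placed after
    // other logic or made conditional.
    public void ImperativeWithdraw()
    {
        new PrincipalPermission(null, "Teller").Demand();
        Console.WriteLine("  imperative check passed");
    }

    public static void Main()
    {
        RunAs("alice", new[] { "Teller" });   // both checks pass
        RunAs("bob", new[] { "Auditor" });    // both checks throw SecurityException
    }

    private static void RunAs(string userName, string[] roles)
    {
        // Constructed principal standing in for the object ASP.NET attaches to the
        // request after Forms authentication. PrincipalPermission checks
        // Thread.CurrentPrincipal, which ASP.NET keeps in step with HttpContext.User.
        Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(userName), roles);
        Console.WriteLine("{0} (roles: {1}):", userName, string.Join(", ", roles));

        TellerOperations ops = new TellerOperations();
        foreach (Action op in new Action[] { ops.DeclarativeWithdraw, ops.ImperativeWithdraw })
        {
            try
            {
                op();
            }
            catch (SecurityException)
            {
                Console.WriteLine("  denied");
            }
        }
    }
}
```

Running it prints two passes for alice and two "denied" lines for bob. GenericIdentity reports IsAuthenticated as true for any non-empty name, which is why the demand for bob fails on the role, not on authentication.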
  

impersonation

Impersonation is the technique used by a server application to access resources on behalf of a client by using a copy of the client's access token. To facilitate the generation of a client's access token on a server computer, the client must pass its identity across the network to the server application.

Also see fixed principal impersonation.

impersonation/delegation model

An impersonation/delegation model is a resource access model that flows the security context of the original caller through successive application tiers and onto back-end resource managers. This allows resource managers to implement authorization decisions based on the identity of the original caller.

This is in contrast to the trusted subsystem model that uses fixed "trusted" identities for resource access.

impersonation token

See thread token.

integrity

Secure communication channels must also ensure that data is protected from accidental or deliberate (malicious) modification while in transit. Integrity is usually provided by using message authentication codes (MACs).

IPSec (Internet Protocol Security)

IPSec is a form of transport level security. IPSec is designed to encrypt data as it travels between two computers, protecting the data from modification and interpretation.

K

Kerberos

Kerberos is an authentication protocol supported by Windows 2000 and later operating systems. Kerberos supports the extended form of impersonation called delegation, which allows a caller's security context to access network resources in addition to resources local to the server's operating system.

key

A key is a value supplied to an encryption or decryption algorithm used to encrypt and decrypt data. Symmetric encryption algorithms use the same key to encrypt and decrypt data, while asymmetric algorithms use a public/private key pair.

key pair

A key pair is a public and private pair of keys that belong to an entity and are used to encrypt and decrypt data.

key store

A key store is where the Microsoft Cryptography API (CryptoAPI) stores key pairs (usually in a file or registry key). Key stores are specific to either a user or the computer the keys were generated on.

L

LDAP (Lightweight Directory Access Protocol)

LDAP is a protocol used to access directory services including Active Directory.

local account

A local account is a Windows account maintained and stored within the SAM database local to a specific computer. Local accounts (unlike domain accounts) cannot be used to access network resources, unless a duplicate local account (with the same name and password) is created on the remote computer.

login controls

The ASP.NET 2.0 login controls are a suite of controls that integrate with ASP.NET 2.0 membership to offer a solution for handling user membership and controlling access to site pages based on user authentication, membership, and roles. Using login controls, you can provide users with the ability to log in, log out, recover their password, and view restricted information, all without writing code. The collective functionality of the login controls is implemented by using each discrete control as part of a larger process; for example, using the Login control for authentication and the PasswordRecovery and CreateUserWizard controls for maintenance and registration.

logon session

A logon session defines the security context in which every process runs. When you interactively log on to a computer, an interactive logon session is created to host the Windows shell and any process that you may start interactively. When a process connects on your behalf to a remote computer, your credentials (which are cached in your local logon session) are used to handle authentication requests from the remote computer. Assuming the authentication process is successful, a network logon session is established on the remote computer to represent the work performed on your behalf on the remote computer.

LogonUser

LogonUser is a Win32 API used to create a logon session (and access token) for a specified Windows account. Code that calls LogonUser must be part of the computer's TCB, which means that it must be running within a process whose Windows account has been granted the "Act as part of the operating system" privilege.

LSA (Local Security Authority)

The Local Security Authority (LSA) is a local Windows subsystem responsible for providing authentication services.

M

MAC (message authentication code)

A message authentication code is a hash value appended to a message to provide integrity. When using a MAC algorithm to generate a hash, the receiving application must also possess the session key to re-compute the hash value so it can verify that the message data has not changed.

membership

The ASP.NET version 2.0 Membership feature provides secure credential storage for application users. It also provides a membership API that simplifies the task of validating user credentials when used with Forms authentication. Membership providers abstract the underlying store used to maintain user credentials.

mutual authentication

Mutual authentication is a form of authentication where the client authenticates the server in addition to the server authenticating the client. Mutual authentication is not supported by NTLM but is supported by Kerberos. Mutual authentication is also possible with SSL when the server accepts or requires client certificates.

N

non-repudiation

Non-repudiation is the ability to identify users who performed certain actions, thus irrefutably countering any attempts by a user to deny responsibility. For example, a system may log the ID of a user whenever a file is deleted.

NTLM

NTLM (which stands for Windows NT LAN Manager) is a challenge/response authentication protocol used on networks that include systems running versions of the Microsoft Windows NT operating system earlier than Windows 2000 and on stand-alone systems.

P

PKCS (public-key cryptography standards)

PKCS is a set of syntax standards for public-key cryptography covering security functions, including methods for signing data, exchanging keys, requesting certificates, public-key encryption and decryption, and other security functions.

plain text

See clear text.

principal

A principal is an entity (typically a human, computer, application or service) that attempts to access a secured resource or application. A principal has a unique name and some way of proving its identity to other principals in a system.

principle of least privilege

Principle of least privilege is the notion of running executable code using the weakest possible process identity. This is to limit the potential damage that can be done should the process be compromised.

If a malicious user manages to inject code into a server process, the privileges granted to that process determine to a large degree the types of operations the user is able to perform.

privacy

Privacy is concerned with ensuring that data remains private and confidential, and cannot be viewed by eavesdroppers who may be armed with network monitoring software. Privacy is usually provided by means of encryption.

private key

A private key is the secret half of a key pair used in a public key algorithm. Private keys are typically used to encrypt a symmetric session key, digitally sign a message, or decrypt a message that has been encrypted with the corresponding public key.

privilege

Privilege is the right of a user to perform various system-related operations, such as shutting down the system, loading device drivers, or changing the system time. A user's access token contains a list of the privileges held by either the user or the user's groups.

process identity

Process identity is determined by the Windows account used to run an executable process. For example, the default process identity of the ASP.NET worker process is ASPNET (a local, least privileged Windows account).

The process identity determines the security context used when code within the process accesses local or remote resources. If the code is impersonating, the thread identity (determined by the thread token) provides the security context for resource access.

process isolation mode

Worker process isolation mode loads application code — for example, ASP and ASP.NET applications — into the worker process only. By isolating application code in the worker process, this application isolation mode ensures a reliable environment for an application server. The WWW service, IIS Admin service, and HTTP.sys service can run continuously despite any service interruptions that might occur in a worker process. Also, Web sites running in the worker processes are not affected by failures in other worker processes because they are isolated from each other through operating system process boundaries.

protected configuration

In ASP.NET 2.0, the Protected Configuration feature can be used to encrypt sensitive information, including user names and passwords, database connection strings, and encryption keys, in a configuration file such as the Web.config file for an ASP.NET application.
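Protected configuration can be applied from the command line with aspnet_regiis or from code. The following added example (not code from the original guide) encrypts the connectionStrings section of an application's Web.config programmatically, which is convenient in a deployment step. It assumes .NET Framework 2.0 or later, references to System.Configuration.dll and System.Web.dll, write access to the target Web.config, and an IIS application at the virtual path "/MyApp" (a placeholder).

```csharp
using System;
using System.Configuration;
using System.Web.Configuration;

// Added example (not from the original guide): encrypt one section of a
// Web.config with protected configuration. Reading code needs no change,
// because ASP.NET decrypts the section transparently when configuration is read.
public static class ProtectConfigDemo
{
    public static bool ProtectSection(string appVirtualPath, string sectionName, string providerName)
    {
        // Open the Web.config of the IIS application at the given virtual path.
        Configuration config = WebConfigurationManager.OpenWebConfiguration(appVirtualPath);
        ConfigurationSection section = config.GetSection(sectionName);
        if (section == null)
        {
            throw new ArgumentException("Section not found: " + sectionName);
        }

        if (!section.SectionInformation.IsProtected)
        {
            section.SectionInformation.ProtectSection(providerName);
            section.SectionInformation.ForceSave = true;
            config.Save(ConfigurationSaveMode.Full);
        }
        return section.SectionInformation.IsProtected;
    }

    public static void Main()
    {
        // DataProtectionConfigurationProvider uses DPAPI (machine scope by default), so the
        // encrypted file is only readable on this server. RsaProtectedConfigurationProvider
        // uses an RSA key container that can be exported to every server in a Web farm.
        bool isProtected = ProtectSection("/MyApp", "connectionStrings", "DataProtectionConfigurationProvider");
        Console.WriteLine("connectionStrings protected: {0}", isProtected);
    }
}
```

The same call works for other sections that hold secrets, such as system.web/identity when fixed principal impersonation puts a password in Web.config; the provider choice is the main decision, since the DPAPI provider ties the file to one machine.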

protocol transition

Windows Server 2003 has a protocol transition feature that permits applications to use a non–Windows authentication mechanism to authenticate users, but still use Kerberos authentication and delegation to access downstream network resources.

proxy account

See service account.

public key

A public key is the public half of a public/private key pair. It is typically used when decrypting a session key or a digital signature. The public key can also be used to encrypt a message, guaranteeing that only the person with the corresponding private key can decrypt the message.

public-private key encryption

Public-private key encryption is an asymmetric form of encryption that relies on a cryptographically generated public/private key pair. Data encrypted with a private key can only be decrypted with the corresponding public key (and vice-versa).

R

RC2

RC2 is the CryptoAPI algorithm name for the RC2 algorithm.

RC4

RC4 is the CryptoAPI algorithm name for the RC4 algorithm.

Role Manager

ASP.NET version 2.0 provides a Role Manager feature that includes Roles Management APIs that allows you to create and delete roles and to add and remove users. The Role Manager feature stores its data in an underlying data store that it accesses through an appropriate role provider.

roles

Roles are logical identifiers (such as "Manager" or "Employee") used by an application to group together users who share the same security privileges within the application. Example role types include .NET roles, Enterprise Services (COM+) roles, and database roles used by SQL Server.

RSA

RSA Data Security, Inc., is a major developer and publisher of public-key cryptography standards. RSA stands for the names of the company's three developers and the owners: Rivest, Shamir, and Adleman.

S

SACL (system access control list)

An SACL is associated with a securable object (using a security descriptor) and specifies the types of operations performed by particular users that should generate audit messages.

salt

Salt is random data that can be used in conjunction with encrypted or hashed data in order to increase the work required to mount a brute-force dictionary attack against the protected data. It is usually placed in front of the encrypted or hashed data.
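The hash, MAC and salt entries describe three related but distinct uses of a hash function. The following added example (not code from the original guide) puts them side by side: a keyed HMAC that only a holder of the session key can recompute, and a per-record random salt prepended to a stored password hash as the salt entry describes. It assumes .NET Framework 2.0 or later; the message, key and password are constructed.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example (not from the original guide): an unkeyed hash detects changes
// to data, but anyone can recompute it; a keyed MAC detects changes by anyone
// who lacks the key; a random salt stops one precomputed dictionary from
// covering every stored hash.
public static class IntegrityDemo
{
    public static byte[] Sha256(byte[] data)
    {
        using (SHA256 sha = SHA256.Create()) return sha.ComputeHash(data);
    }

    public static byte[] Hmac(byte[] key, byte[] data)
    {
        using (HMACSHA256 hmac = new HMACSHA256(key)) return hmac.ComputeHash(data);
    }

    // Compare every byte so the comparison time does not reveal where the first
    // mismatch is.
    public static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    public static byte[] RandomBytes(int length)
    {
        byte[] buffer = new byte[length];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create()) rng.GetBytes(buffer);
        return buffer;
    }

    // Stored form: salt || SHA256(salt || password). Two users with the same
    // password get different stored values.
    public static byte[] SaltedHash(string password, byte[] salt)
    {
        byte[] pwd = Encoding.UTF8.GetBytes(password);
        byte[] input = new byte[salt.Length + pwd.Length];
        Buffer.BlockCopy(salt, 0, input, 0, salt.Length);
        Buffer.BlockCopy(pwd, 0, input, salt.Length, pwd.Length);
        byte[] digest = Sha256(input);

        byte[] stored = new byte[salt.Length + digest.Length];
        Buffer.BlockCopy(salt, 0, stored, 0, salt.Length);
        Buffer.BlockCopy(digest, 0, stored, salt.Length, digest.Length);
        return stored;
    }

    public static bool VerifySaltedHash(string password, byte[] stored, int saltLength)
    {
        byte[] salt = new byte[saltLength];
        Buffer.BlockCopy(stored, 0, salt, 0, saltLength);
        return FixedTimeEquals(SaltedHash(password, salt), stored);
    }

    public static void Main()
    {
        byte[] message = Encoding.UTF8.GetBytes("amount=100;to=42");   // constructed message
        byte[] sessionKey = RandomBytes(32);                           // constructed session key

        byte[] mac = Hmac(sessionKey, message);
        byte[] tampered = Encoding.UTF8.GetBytes("amount=900;to=42");
        Console.WriteLine("MAC valid on original: {0}", FixedTimeEquals(mac, Hmac(sessionKey, message)));  // True
        Console.WriteLine("MAC valid on tampered: {0}", FixedTimeEquals(mac, Hmac(sessionKey, tampered))); // False

        byte[] stored = SaltedHash("correct horse", RandomBytes(16));   // constructed password
        Console.WriteLine("Password verifies: {0}", VerifySaltedHash("correct horse", stored, 16));         // True
        Console.WriteLine("Wrong password verifies: {0}", VerifySaltedHash("wrong", stored, 16));           // False
    }
}
```

A single SHA-256 over salt and password is what this glossary describes; current practice replaces that step with a deliberately slow derivation such as PBKDF2 (Rfc2898DeriveBytes in .NET) so that each dictionary guess costs the attacker far more, while the salt handling stays the same.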

SAM database

The SAM database is the database used by Windows NT and Windows 2000 (without Active Directory) to maintain user and group accounts.

secure communication

Secure communication is concerned with providing message integrity and privacy, while data flows across a network. Technologies that provide secure communication include SSL and IPSec.

security context

Security context is a generic term used to refer to the collection of security settings that affect the security-related behavior of a process or thread. The attributes from a process' logon session and access token combine to form the security context of the process.

security descriptor (SD)

A security descriptor (SD) contains security information that is associated with a securable object such as a file or process. A security descriptor contains attributes that include an identification of the object's owner, the security groups the owner belongs to, and two access control lists (ACLs): the discretionary access control list (DACL), which defines the access rights for individual users and groups of users, and the system access control list (SACL), which defines the types of operation performed on the object that should result in the generation of audit messages.

service account

A service account is a specifically configured account (also known as a proxy account) used solely for the purposes of accessing a downstream resource (often a database) in a multi-tier distributed application. Middle tier components often use a limited number of service accounts to connect to a database to support connection pooling. Service accounts may be Windows accounts maintained in Active Directory or the SAM database, or SQL accounts maintained within SQL Server.

session key

Session key is a randomly-generated symmetric key used to encrypt data transmitted between two parties. Session keys are used once (for a single session) and then discarded.

SHA (secure hash algorithm)

SHA is an algorithm used to generate a message digest or hash. The original SHA algorithm has been replaced with the improved SHA1 algorithm.

SID (security identifier)

A security identifier (SID) uniquely identifies a user or user group within a domain. A SID is a variable length value and consists of a revision level, an authenticating authority value (the SID issuer, typically Windows), a set of sub-authority values (typically representing the network domain) and a relative ID (RID) which is unique within the authenticating authority / sub-authority combination.

SIDs are never reused even when a user account is deleted and then recreated with the same name and password combination.

SOAP

SOAP is a lightweight, XML-based protocol for the exchange of information in a distributed environment. It is used by Web services.

SOAP extension

A SOAP extension is an extensibility mechanism supported by ASP.NET that allows you to extend SOAP message processing. With a SOAP extension, you can inspect or modify a message at specific stages during the processing lifecycle on either the client or server.

SSL (secure sockets layer)

SSL is a protocol for secure network communications using a combination of public and secret key technology.

SSPI (security support provider interface)

SSPI is a common interface between transport-level applications, such as Microsoft Remote Procedure Call (RPC), and security providers, such as the Windows Integrated authentication provider. SSPI allows a transport application to call one of several security providers to obtain an authenticated connection in a uniform fashion.

symmetric encryption

Symmetric encryption is a form of encryption that uses the same (single) key to encrypt and decrypt data. Both the sender and the recipient of the encrypted data must have the same key.

T

TCB (trusted computing base)

A TCB is a boundary that defines the portion of a system that is trusted to enforce security policy. Executable code that runs within the TCB is able to perform operations without being subjected to normal security checks. Device drivers run within the TCB. User code runs within the TCB if the associated process account is granted the "Act as part of the operating system" privilege. User code that runs under the local SYSTEM account also runs within the boundaries of the TCB.

temporary token

See thread token.

thread token

A thread token is a temporary access token associated with a specific thread. When a thread is created, it has no access token, and any secure operations performed by the thread use information obtained from the process token. A classic situation in which a thread acquires an access token is when a thread in a server process wants to perform work on behalf of a client. In this situation the thread impersonates the client by acquiring an access token to represent the client.

Thread tokens are also referred to as temporary tokens and impersonation tokens.

token

See access token.

transitive trust

Transitive trust is a bidirectional form of trust relationship between computers or domains. Transitive means that if authority A trusts authority B and authority B trusts authority C then authority A implicitly trusts authority C (without an explicit trust relationship having to exist between A and C). Transitive trust relationships are supported by Active Directory on Windows 2000.

triple DES

This is the triple DES (3DES) encryption cipher. It is a variation of the DES block cipher algorithm that encrypts plain text with one key, encrypts the resulting cipher text with a second key, and finally, encrypts the result of the second encryption with a third key. Triple DES is a symmetric algorithm that uses the same algorithm and keys for encryption and decryption.

trust

Secure systems rely on the notion of trust to one degree or another. For example, users who have administrative privileges (that is, administrators) must be trusted to correctly administer a system and not to deliberately perform malicious acts. Similarly, code that runs with extended privileges, such as device drivers and code that runs as LocalSystem, must be trusted. Code that implicitly requires trust such as this runs within the computer's Trusted Computing Base (TCB). Code that cannot be fully trusted must not be allowed to run within the TCB.

The notion of trust is also important for the trusted subsystem model, which places trust in an application or service.

trusted subsystem model

A trusted subsystem model is a resource access model adopted by Web applications in which the application uses a fixed "trusted" identity to access downstream resource managers such as databases.

A database administrator defines security roles and permissions for the specific "trusted" identity within the database. This model supports database connection pooling which greatly helps an application's ability to scale. This is in contrast to the impersonation/delegation model.

U

user profile

User profiles maintain a user's configuration information. This includes desktop arrangement, personal program groups, program items, screen colors, screen savers, network connections and so on. When a user logs on interactively, the system loads the user's profile and configures the environment according to the information in the profile.

The LoadUserProfile API can be used to programmatically load a user profile. Non-interactive accounts such as the local ASPNET account used to run ASP.NET Web applications do not have a user profile.

W

WindowsIdentity

WindowsIdentity is an implementation of the IIdentity interface, used by ASP.NET in conjunction with Windows authentication. A WindowsIdentity object exposes the Windows access token of the user together with user name information. The WindowsPrincipal object contains a WindowsIdentity object.

WindowsPrincipal

WindowsPrincipal is an implementation of the IPrincipal interface, used by ASP.NET in conjunction with Windows authentication. ASP.NET attaches a WindowsPrincipal object to the context of the current Web request to represent the authenticated caller. It is used for authorization.

The WindowsPrincipal object contains the set of roles (Windows groups) that the user belongs to. It also contains a WindowsIdentity object that provides identity information about the caller.

X

XML digital signature

An XML digital signature is a digital signature applied to an XML document.

XML encryption

XML encryption is a process for encrypting and decrypting parts of XML documents. This type of encryption provides end-to-end security for applications that require secure exchange of structured data.

© Microsoft Corporation. All rights reserved.