ASP.NET Web Site Security and Authentication


Our monthly meeting will be held at the Microsoft Greater PA Office in Malvern, PA on Wednesday, June 15 from 5:30-8:30. Refreshments are provided courtesy of Celerity.

Intro: Claims Based Authentication and WIF

Wednesday, June 15th, 2011 at 6:30 pm
Joe McGurkin

Using WS-* for authentication is becoming increasingly popular, even outside the .Net world. WIF helps developers implement a claims based system for authentication and authorization. There will be two main sections in this presentation.

  1. Ten thousand foot view of claims based authentication and authorization. Not just for developers! Network administrators, business analysts, PM’s, anyone involved in software solutions will benefit from Part 1.
  2. Creating a couple VS projects implementing claims based authentication using WIF

Using UpSert in EF4 with SQL Merge Statements

Wednesday, June 15th, 2011 at 6:45 pm
Ken Lovely

In less than 15 minutes we will create a stored procedure that utilizes the SQL 2008 Merge statement and map it with Entity Framework 4; allowing you to use modern code while keeping the old school DBA’s happy.

Web Site Security

Wednesday, June 15th, 2011 at 7:00 pm
Adam Tuliper

Security is an afterthought with most developers. A common problem is that most web applications can be easily hacked. This presentation explores the most common attacks on web applications, how they work to exploit your app, and most importantly, how to protect against them. Techniques such as Cross Site Scripting, SQL Injection, Session Hijacking, and Cross Site Request Forgery will be covered. ASP.NET Web Forms and ASP.NET Model-View-Controller (MVC) will be covered, as both have pros and cons that will be explored. We will start with a ‘broken’ application and secure it throughout the presentation. Learn about the various tools, techniques, and libraries to help protect your applications!