Securing Multi-tenant ASP.NET 4 Web Apps
Building multi-tenant sites are a great way to minimize the amount of duplicate code you need to write. This course teaches you how to secure your multi-tenant ASP.NET websites, and how to limit threats to your multi-tenant code.
What you'll learn
All website developers need to understand the basics of securing the sites they work on. Multi-tenant sites are no different. In this course, Securing Multi-tenant ASP.NET 4 Web Apps, you'll learn the skills to add the extra security layers necessary to secure and defend your sites from outside threats. First, you'll gain a better understanding of how ASP.NET Identity works to authenticate users to your site, and learn the customizations to handle multi-tenancy. Next, you'll explore specifically how to protect your ASP.NET MVC views that support static pages, and your WebAPI REST services that support single page apps. Finally, you'll discover how to implement JSON Web Tokens and Two Factor Authentication in your site. When you're finished with this course, you'll have the tools and knowledge to make the best decisions on how to implement multi-tenant security on your ASP.NET website.
Table of contents
- Introduction 2m
- Scaffolding a Visual Studio Web Project with Security 2m
- Learning How ASP.NET Identity Evolved from Membership Providers 3m
- Learning the Basics of IUser and IUserStore Interfaces 2m
- Seeing How Entity Framework Is Used for ASP.NET Identity 3m
- Extending ASP.NET Identity to Other Platforms 1m
- Extending ASP.NET Identity to Support Multi-tenancy 7m
- Linking Your Multi-tenant IUser and IUserStore to ASP.NET Identity 5m
- Summary 1m
- Introduction 2m
- Securing Multi-tenant Data in MVC Controllers 5m
- Implementing Secure Multi-tenant Data in Controllers and Views 6m
- Securing Multi-tenant SPA Apps That Use WebAPI REST Services 5m
- Authorizing WebAPI Services and Error Handling Anomaly 5m
- Securing SPA Apps Using WebAPI with Tokens 6m
- Using Authentication Tokens in 100% JavaScript 5m
- Summary 2m
- Introduction 2m
- Injection Attacks 7m
- Broken Authentication and Session Management 1m
- Cross-site Scripting XSS 1m
- Broken Access Control 1m
- Security Misconfiguration 1m
- Sensitive Data Exposure 1m
- Insufficient Attack Protection 1m
- Cross-site Request Forgery CSRF 2m
- Using Components with Known Vulnerabilities 1m
- Underprotected APIs 1m
- Summary 1m
About the author
Peter is an independent software consultant, specializing in .NET development from 1985 through 2001, as well as an eleven time Microsoft MVP. He was founder and president of Tufden Inc, where he successfully delivered systems for clinic scheduling, insurance company management and medical claim processing. His solutions included delivering a turnkey medical office management system to over 500 customers nationwide. His passion for the computer dates back to elementary school when he joined his ... more