Wiley.com
Print this page Share

Professional ASP.NET 2.0 Security, Membership, and Role Management

ISBN: 978-0-7645-9698-8
Paperback
648 pages
January 2006
Professional ASP.NET 2.0 Security, Membership, and Role Management (0764596985) cover image
This title is out-of-print and not currently available for purchase from this site.

Do you think you've discovered an error in this book? Please check the list of errata below to see if we've already addressed the error. If not, please submit the error via our Errata Form. We will attempt to verify your error; if you're right, we will post a correction below.

ChapterPageDetailsDatePrint Run
114 Addition to text
"ReflectionPermission" section, 2nd paragraph, add the following sentence:

You can still use reflection to access methods, members, etc... that would normally be available to public callers. For example, even in Medium trust you can still use reflection to invoke the public methods on a Membership provider.
1/31/06
137 Error in Text
3rd paragraph, 1st sentence:

Delete the phrase ", and in fact there is no way to turn this behavior off for no-compile pages."
1/31/06
138 Error in Text
1st paragraph, 1st sentence

The phrase "then for compiled pages ASP.NET 2.0"
should be
"then ASP.NET 2.0"
1/31/06
231 Error in Text
last paragraph, 1st sentence

Due to a bug in the shipping version of ASP.NET 2.0, forms authentication uses the wrong cookie path when it issues a new cookie based on information from a cross-application redirect. As a result, this sample will not work with cookie paths other than "/". The next section on "Cookie-based SSO Lite" describes the problem on page 237, in the fourth paragraph. The code in this section also shows how to workaround the problem.
1/31/06
237 Error in Text
second to last paragraph

Add sentences at the end of the paragraph saying:

This restriction applies specifically to ASP.NET's automatic generation of the ReturnUrl variable. As an alternative to the CustomReturnUrl variable, you could take control of the ReturnUrl variable and programmatically set it to a fully qualified address.
1/31/06
9 332 Error in Code
Chapter 9, Page 332, top of page, Item #4 missing dot between Configuration and Providers:

Code reads:
System.Web.ConfigurationProvidersHelper

Should read:
System.Web.Configuration.ProvidersHelper
07/20/2006
437 Error in Text
fourth paragraph (the last one before the section "Enforcing Custom Password Strength Rules")

42
should be
38
in 3 places in this paragraph
1/31/06
437 Error in Text
fourth paragraph (the last one before the section "Enforcing Custom Password Strength Rules")

end of 5th line: 40+- should be 39+

From testing this some more with more complex passwords, 38 characters turned out to be the effective upper limit.
1/31/06

Related Titles

General Web Site Development

by David Yack, Joe Mayo, Scott Hanselman, Fredrik Normén, Dan Wahlin, J. Ambrose Little, Jonathan Goodyear
by John Vince, Rae Earnshaw
by Mike Wooldridge
Back to Top