“The Microsoft Solutions for Security (MSS) team is proud to announce the release and availability of Developing Identity-Aware ASP.NET Applications, a new paper in the Microsoft Identity and Access Management Series.

Organizations today are looking for guidance on how to avoid introducing new directories and authentication schemes that increase complexity and undermine the goals of a successful identity and access management strategy. They want to develop applications that are tightly integrated with their identity infrastructure.

This paper provides guidelines for developing applications that use the directory and security services of the Microsoft® Windows® platform. Specifically, the paper discusses identity considerations and guidelines when developing Microsoft ASP.NET multi-tier intranet and extranet Web applications using Microsoft Visual Studio® .NET and Microsoft Windows Server™ 2003 directory and security services. It provides detailed implementation guidance and ASP.NET code samples in Microsoft Visual C#® and Microsoft Visual Basic® .NET for:

Intranet Web applications that use Windows-integrated authentication and Windows Authorization Manager.
Extranet Web applications for B2B, B2C, and B2E scenarios using Windows authentication (including Forms-based authentication, X.509 certificates, and Microsoft Passport) and Windows Authorization Manager.

This new paper is based on field experience that deals with real-world problems, and the solutions offered are technically validated. Microsoft engineering teams, architects, consultants, support engineers, partners, and customers contributed to, reviewed and approved the paper.”