Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Real-World Web Development with .NET 9

You're reading from   Real-World Web Development with .NET 9 Build websites and services using mature and proven ASP.NET Core MVC, Web API, and Umbraco CMS

Arrow left icon
Product type Paperback
Published in Dec 2024
Publisher Packt
ISBN-13 9781835880388
Length 578 pages
Edition 1st Edition
Languages
Arrow right icon
Toc

Table of Contents (17) Chapters Close

Preface 1. Introducing Web Development Using Controllers FREE CHAPTER 2. Building Websites Using ASP.NET Core MVC 3. Model Binding, Validation, and Data Using EF Core 4. Building and Localizing Web User Interfaces 5. Authentication and Authorization 6. Performance Optimization Using Caching 7. Web User Interface Testing Using Playwright 8. Configuring and Containerizing ASP.NET Core Projects 9. Building Web Services Using ASP.NET Core Web API 10. Building Web Services Using ASP.NET Core OData 11. Building Web Services Using FastEndpoints 12. Web Service Integration Testing 13. Web Content Management Using Umbraco 14. Customizing and Extending Umbraco 15. Epilogue 16. Index

Introducing authentication and authorization

Authentication and authorization are two concepts in web application security, often used together but with distinct purposes, as described in the following list:

  • Authentication aka “who are you?” This is the process of verifying the identity of a user. When a user attempts to log in to an application, the system checks whether the credentials, for example, username and password, provided by the user match those stored in the system. Successful authentication confirms that the user is who they claim to be. Once authentication has occurred, a system often provides the client with a token that the client can submit with future requests to avoid having to re-authenticate each time. These tokens can be HTTP cookies, JSON, or some other format like JWT (JSON Web Tokens) that can encapsulate additional claims.
  • Authorization aka “what can you do?” Once the user is authenticated, authorization determines what resources...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime