62,040
社区成员
发帖
与我相关
我的任务
分享请教asp.net下的电子商务网站的安全解决方案!
用asp.net开发电子商务网站(BotB),安全问题应该怎么解决,涉及的问题是:1、网站平台自身的安全性(代码的安全和防火墙、路由器的设置)2、客户发送信息在网络传输中的加密安全性(不用ssl)。其他还有什么要注意,有什么好的解决方案或是建议,具体怎么做,谢谢大家!
...全文
请发表友善的回复…
发表回复
stonec 2003-10-22
- 打赏
- 举报
没有了,就结了哦?
SureBeiJing 2003-10-22
- 打赏
- 举报
// ToXml creates an XML encoding of the permission and its current state; FromXml reconstructs a
// permission with the specified state from the XML encoding.
private bool ToFromXmlDemo()
{
bool returnCodeCode = true;
String site1;
SiteIdentityPermission siteIdPerm1,siteIdPerm2;
bool successFlag;
SiteGenerator siteGen1 = new SiteGenerator();
SiteGenerator siteGen2 = new SiteGenerator();
siteGen1.ResetIndex();
while(siteGen1.CreateSite(out siteIdPerm1, out site1, out successFlag))
{
if(siteIdPerm1 == null | successFlag == false) continue;
siteGen2.ResetIndex();
Console.WriteLine("**************************************************************************");
try
{
siteIdPerm2= new SiteIdentityPermission(PermissionState.None);
siteIdPerm2.FromXml(siteIdPerm1.ToXml());
bool result = siteIdPerm2.Equals(siteIdPerm1);
if (siteIdPerm2.IsSubsetOf(siteIdPerm1) && siteIdPerm1.IsSubsetOf(siteIdPerm2))
{
Console.WriteLine("Result of ToFromXml = " + siteIdPerm2.ToString());
}
else
{
Console.WriteLine(siteIdPerm2.ToString());
Console.WriteLine(siteIdPerm1.ToString());
}
}
catch(Exception e) {
Console.WriteLine("ToFromXml failed. " + e);
continue;
}
}
return returnCodeCode;
}
// Invoke all demos.
public bool RunDemo()
{
bool returnCode=true;
bool tempReturnCode;
// Call the IsSubsetOf demo.
if(tempReturnCode= IsSubsetOfDemo())Console.Out.WriteLine("The IsSubsetOf demo completed successfully.");
else Console.Out.WriteLine("subsetDemo failed.");
returnCode=tempReturnCode && returnCode;
// Call the Union demo.
if(tempReturnCode= UnionDemo())Console.Out.WriteLine("The Union demo completed successfully.");
else Console.Out.WriteLine("UnionDemo failed.");
returnCode=tempReturnCode && returnCode;
// Call the Intersect demo.
if(tempReturnCode= IntersectDemo())Console.Out.WriteLine("The Intersect demo completed successfully.");
else Console.Out.WriteLine("IntersectDemo failed.");
returnCode=tempReturnCode && returnCode;
// Call the Copy demo.
if(tempReturnCode= CopyDemo())Console.Out.WriteLine("The Copy demo completed successfully.");
else Console.Out.WriteLine("CopyDemo failed.");
returnCode=tempReturnCode && returnCode;
// Call the ToFromXML demo.
if(tempReturnCode= ToFromXmlDemo())Console.Out.WriteLine("The ToFromXML demo completed successfully.");
else Console.Out.WriteLine("ToFromXmlDemo failed.");
returnCode=tempReturnCode && returnCode;
return ( returnCode );
}
// Test harness.
public static void Main(String[] args)
{
try
{
SiteIdentityPermissionDemo testcase = new SiteIdentityPermissionDemo();
bool returnCode = testcase.RunDemo();
if (returnCode)
{
Console.Out.WriteLine("The SiteIdentityPermission demo completed successfully.");
Console.Out.WriteLine("Press the Enter key to exit.");
string consoleInput = Console.ReadLine();
System.Environment.ExitCode = 100;
}
else
{
Console.Out.WriteLine("The SiteIdentityPermission demo failed.");
Console.Out.WriteLine("Press the Enter key to exit.");
string consoleInput = Console.ReadLine();
System.Environment.ExitCode = 101;
}
}
catch(Exception e)
{
Console.Out.WriteLine("The SiteIdentityPermission demo failed.");
Console.WriteLine(e.ToString());
Console.Out.WriteLine("Press the Enter key to exit.");
string consoleInput = Console.ReadLine();
System.Environment.ExitCode = 101;
}
}
}
// This class generates SiteIdentityPermission objects.
internal class SiteGenerator
{
private string[] siteArray =
// Replace this array with web sites of your own choosing.
{"www.northwindtraders.northwindtraders.com",
"*.northwindtraders.com",
"*.margiestravel.com","northwindtraders.com",
"*northwindtraders.com",""};
private int siteIndex = 0;
public SiteGenerator()
{
ResetIndex();
}
public void ResetIndex()
{
siteIndex = 0;
}
// CreateSite creates a SiteIdentityPermission.
public bool CreateSite(out SiteIdentityPermission sitePerm, out string site, out bool successFlag)
{
successFlag = true;
if(siteIndex >= siteArray.Length)
{
sitePerm = new SiteIdentityPermission(PermissionState.None);
site="null";
return false;
}
site = siteArray[siteIndex++];
try
{
sitePerm = new SiteIdentityPermission(site);
return true;
}
catch(ArgumentException e)
{
Console.WriteLine("An ArgumentException was thrown: " + e.Message);
successFlag = false;
if (site != null && site != "")
{
Console.WriteLine(site + " is an invalid site.");
}
else if (site == "")
{
Console.WriteLine("An empty string signifies an invalid site.");
site = "an empty string";
}
else
{
sitePerm = new SiteIdentityPermission(PermissionState.None);
Console.WriteLine(e);
site = "null";
return false;
}
sitePerm = new SiteIdentityPermission(PermissionState.None);
return true;
}
}
} // End of SiteGenerator.
// permission with the specified state from the XML encoding.
private bool ToFromXmlDemo()
{
bool returnCodeCode = true;
String site1;
SiteIdentityPermission siteIdPerm1,siteIdPerm2;
bool successFlag;
SiteGenerator siteGen1 = new SiteGenerator();
SiteGenerator siteGen2 = new SiteGenerator();
siteGen1.ResetIndex();
while(siteGen1.CreateSite(out siteIdPerm1, out site1, out successFlag))
{
if(siteIdPerm1 == null | successFlag == false) continue;
siteGen2.ResetIndex();
Console.WriteLine("**************************************************************************");
try
{
siteIdPerm2= new SiteIdentityPermission(PermissionState.None);
siteIdPerm2.FromXml(siteIdPerm1.ToXml());
bool result = siteIdPerm2.Equals(siteIdPerm1);
if (siteIdPerm2.IsSubsetOf(siteIdPerm1) && siteIdPerm1.IsSubsetOf(siteIdPerm2))
{
Console.WriteLine("Result of ToFromXml = " + siteIdPerm2.ToString());
}
else
{
Console.WriteLine(siteIdPerm2.ToString());
Console.WriteLine(siteIdPerm1.ToString());
}
}
catch(Exception e) {
Console.WriteLine("ToFromXml failed. " + e);
continue;
}
}
return returnCodeCode;
}
// Invoke all demos.
public bool RunDemo()
{
bool returnCode=true;
bool tempReturnCode;
// Call the IsSubsetOf demo.
if(tempReturnCode= IsSubsetOfDemo())Console.Out.WriteLine("The IsSubsetOf demo completed successfully.");
else Console.Out.WriteLine("subsetDemo failed.");
returnCode=tempReturnCode && returnCode;
// Call the Union demo.
if(tempReturnCode= UnionDemo())Console.Out.WriteLine("The Union demo completed successfully.");
else Console.Out.WriteLine("UnionDemo failed.");
returnCode=tempReturnCode && returnCode;
// Call the Intersect demo.
if(tempReturnCode= IntersectDemo())Console.Out.WriteLine("The Intersect demo completed successfully.");
else Console.Out.WriteLine("IntersectDemo failed.");
returnCode=tempReturnCode && returnCode;
// Call the Copy demo.
if(tempReturnCode= CopyDemo())Console.Out.WriteLine("The Copy demo completed successfully.");
else Console.Out.WriteLine("CopyDemo failed.");
returnCode=tempReturnCode && returnCode;
// Call the ToFromXML demo.
if(tempReturnCode= ToFromXmlDemo())Console.Out.WriteLine("The ToFromXML demo completed successfully.");
else Console.Out.WriteLine("ToFromXmlDemo failed.");
returnCode=tempReturnCode && returnCode;
return ( returnCode );
}
// Test harness.
public static void Main(String[] args)
{
try
{
SiteIdentityPermissionDemo testcase = new SiteIdentityPermissionDemo();
bool returnCode = testcase.RunDemo();
if (returnCode)
{
Console.Out.WriteLine("The SiteIdentityPermission demo completed successfully.");
Console.Out.WriteLine("Press the Enter key to exit.");
string consoleInput = Console.ReadLine();
System.Environment.ExitCode = 100;
}
else
{
Console.Out.WriteLine("The SiteIdentityPermission demo failed.");
Console.Out.WriteLine("Press the Enter key to exit.");
string consoleInput = Console.ReadLine();
System.Environment.ExitCode = 101;
}
}
catch(Exception e)
{
Console.Out.WriteLine("The SiteIdentityPermission demo failed.");
Console.WriteLine(e.ToString());
Console.Out.WriteLine("Press the Enter key to exit.");
string consoleInput = Console.ReadLine();
System.Environment.ExitCode = 101;
}
}
}
// This class generates SiteIdentityPermission objects.
internal class SiteGenerator
{
private string[] siteArray =
// Replace this array with web sites of your own choosing.
{"www.northwindtraders.northwindtraders.com",
"*.northwindtraders.com",
"*.margiestravel.com","northwindtraders.com",
"*northwindtraders.com",""};
private int siteIndex = 0;
public SiteGenerator()
{
ResetIndex();
}
public void ResetIndex()
{
siteIndex = 0;
}
// CreateSite creates a SiteIdentityPermission.
public bool CreateSite(out SiteIdentityPermission sitePerm, out string site, out bool successFlag)
{
successFlag = true;
if(siteIndex >= siteArray.Length)
{
sitePerm = new SiteIdentityPermission(PermissionState.None);
site="null";
return false;
}
site = siteArray[siteIndex++];
try
{
sitePerm = new SiteIdentityPermission(site);
return true;
}
catch(ArgumentException e)
{
Console.WriteLine("An ArgumentException was thrown: " + e.Message);
successFlag = false;
if (site != null && site != "")
{
Console.WriteLine(site + " is an invalid site.");
}
else if (site == "")
{
Console.WriteLine("An empty string signifies an invalid site.");
site = "an empty string";
}
else
{
sitePerm = new SiteIdentityPermission(PermissionState.None);
Console.WriteLine(e);
site = "null";
return false;
}
sitePerm = new SiteIdentityPermission(PermissionState.None);
return true;
}
}
} // End of SiteGenerator.
SureBeiJing 2003-10-22
- 打赏
- 举报
// Intersect creates and returns a new permission that is the intersection of the
// current permission and the permission specified.
private bool IntersectDemo()
{
bool returnCodeCode = true;
String site1,site2;
bool successFlag;
SiteIdentityPermission siteIdPerm1,siteIdPerm2,p3;
SiteGenerator siteGen1 = new SiteGenerator();
SiteGenerator siteGen2 = new SiteGenerator();
siteGen1.ResetIndex();
while(siteGen1.CreateSite(out siteIdPerm1, out site1, out successFlag))
{
if(siteIdPerm1 == null | successFlag == false) continue;
siteGen2.ResetIndex();
Console.WriteLine("**************************************************************************");
while(siteGen2.CreateSite(out siteIdPerm2, out site2, out successFlag))
{
if(siteIdPerm2 == null | successFlag == false) continue;
String firstSite = site1 == null ? "null" : site1;
String secondSite = site2 == null ? "null" : site2;
try
{
p3 = (SiteIdentityPermission)siteIdPerm1.Intersect(siteIdPerm2);
String thirdSite = p3.Site == null ? "null" : p3.Site;
if(p3 != null)
{
Console.WriteLine("The intersection of " + firstSite + " and \n\t" + secondSite + " = " + thirdSite + "\n");
}
else
{
Console.WriteLine("The intersection of " + firstSite + " and \n\t" + secondSite + " = null.\n");
}
}
catch
{
Console.WriteLine("The intersection of " + firstSite + " and \n\t" + secondSite + " = null.\n");
}
}
}
return returnCodeCode;
}
//Copy creates and returns an identical copy of the current permission.
private bool CopyDemo()
{
bool returnCodeCode = true;
String site1;
SiteIdentityPermission siteIdPerm1,siteIdPerm2;
bool successFlag;
SiteGenerator siteGen1 = new SiteGenerator();
SiteGenerator siteGen2 = new SiteGenerator();
siteGen1.ResetIndex();
while(siteGen1.CreateSite(out siteIdPerm1, out site1, out successFlag))
{
if(siteIdPerm1 == null | successFlag == false) continue;
siteGen2.ResetIndex();
Console.WriteLine("**************************************************************************");
try{
siteIdPerm2 = (SiteIdentityPermission)siteIdPerm1.Copy();
if (siteIdPerm2 != null )
{
Console.WriteLine("The copy of " + siteIdPerm2.ToString() + " succeeded.\n");
}
}
catch(Exception e)
{
Console.WriteLine("The copy failed : " + siteIdPerm1.ToString() + e);
continue;
}
}
return returnCodeCode;
}
// current permission and the permission specified.
private bool IntersectDemo()
{
bool returnCodeCode = true;
String site1,site2;
bool successFlag;
SiteIdentityPermission siteIdPerm1,siteIdPerm2,p3;
SiteGenerator siteGen1 = new SiteGenerator();
SiteGenerator siteGen2 = new SiteGenerator();
siteGen1.ResetIndex();
while(siteGen1.CreateSite(out siteIdPerm1, out site1, out successFlag))
{
if(siteIdPerm1 == null | successFlag == false) continue;
siteGen2.ResetIndex();
Console.WriteLine("**************************************************************************");
while(siteGen2.CreateSite(out siteIdPerm2, out site2, out successFlag))
{
if(siteIdPerm2 == null | successFlag == false) continue;
String firstSite = site1 == null ? "null" : site1;
String secondSite = site2 == null ? "null" : site2;
try
{
p3 = (SiteIdentityPermission)siteIdPerm1.Intersect(siteIdPerm2);
String thirdSite = p3.Site == null ? "null" : p3.Site;
if(p3 != null)
{
Console.WriteLine("The intersection of " + firstSite + " and \n\t" + secondSite + " = " + thirdSite + "\n");
}
else
{
Console.WriteLine("The intersection of " + firstSite + " and \n\t" + secondSite + " = null.\n");
}
}
catch
{
Console.WriteLine("The intersection of " + firstSite + " and \n\t" + secondSite + " = null.\n");
}
}
}
return returnCodeCode;
}
//Copy creates and returns an identical copy of the current permission.
private bool CopyDemo()
{
bool returnCodeCode = true;
String site1;
SiteIdentityPermission siteIdPerm1,siteIdPerm2;
bool successFlag;
SiteGenerator siteGen1 = new SiteGenerator();
SiteGenerator siteGen2 = new SiteGenerator();
siteGen1.ResetIndex();
while(siteGen1.CreateSite(out siteIdPerm1, out site1, out successFlag))
{
if(siteIdPerm1 == null | successFlag == false) continue;
siteGen2.ResetIndex();
Console.WriteLine("**************************************************************************");
try{
siteIdPerm2 = (SiteIdentityPermission)siteIdPerm1.Copy();
if (siteIdPerm2 != null )
{
Console.WriteLine("The copy of " + siteIdPerm2.ToString() + " succeeded.\n");
}
}
catch(Exception e)
{
Console.WriteLine("The copy failed : " + siteIdPerm1.ToString() + e);
continue;
}
}
return returnCodeCode;
}
SureBeiJing 2003-10-22
- 打赏
- 举报
用SiteIdentityPermission限定某些可访问站点。
// This sample demonstrates the IsSubsetOf, Union, Intersect, Copy, ToXml and FromXml methods
// of the SiteIdentityPermission class.
using System;
using System.Security;
using System.Security.Permissions;
[assembly:CLSCompliant(true)]
public class SiteIdentityPermissionDemo
{
// IsSubsetOf determines whether the current permission is a subset of the specified permission.
private bool IsSubsetOfDemo()
{
bool returnCodeCode = true;
String site1,site2;
bool successFlag;
SiteIdentityPermission siteIdPerm1,siteIdPerm2;
SiteGenerator siteGen1 = new SiteGenerator();
SiteGenerator siteGen2 = new SiteGenerator();
siteGen1.ResetIndex();
while(siteGen1.CreateSite(out siteIdPerm1, out site1, out successFlag))
{
if(siteIdPerm1 == null | successFlag == false) continue;
siteGen2.ResetIndex();
Console.WriteLine("**************************************************************************");
while(siteGen2.CreateSite(out siteIdPerm2, out site2, out successFlag))
{
try
{
if(siteIdPerm2 == null | successFlag == false) continue;
if(siteIdPerm1.IsSubsetOf(siteIdPerm2))
{
Console.WriteLine(site1 + " is a subset of " + site2);
}
else
{
Console.WriteLine(site1 + " is not a subset of " + site2);
}
}
catch (Exception e)
{
Console.WriteLine ( "An exception was thrown : " + e);
return false;
}
}
}
return returnCodeCode;
}
// Union creates a new permission that is the union of the current permission
// and the specified permission.
private bool UnionDemo()
{
bool returnCodeCode = true;
String site1,site2;
bool successFlag;
SiteIdentityPermission siteIdPerm1,siteIdPerm2,p3;
SiteGenerator siteGen1 = new SiteGenerator();
SiteGenerator siteGen2 = new SiteGenerator();
siteGen1.ResetIndex();
while(siteGen1.CreateSite(out siteIdPerm1, out site1, out successFlag))
{
if(siteIdPerm1 == null | successFlag == false) continue;
siteGen2.ResetIndex();
Console.WriteLine("**************************************************************************");
while(siteGen2.CreateSite(out siteIdPerm2, out site2, out successFlag)) {
if(siteIdPerm2 == null | successFlag == false) continue;
String firstSite = site1 == null ? "null" : site1;
String secondSite = site2 == null ? "null" : site2;
try
{
p3 = (SiteIdentityPermission)siteIdPerm1.Union(siteIdPerm2);
String thirdSite = p3.Site == null ? "null" : p3.Site;
if(p3 != null)
{
Console.WriteLine("The union of " + firstSite + " and \n\t" + secondSite + " = \n\t"
+ thirdSite + "\n");
}
else
{
Console.WriteLine("The union of " + firstSite + " and \n\t" + secondSite + " = null.\n");
}
}
catch
{
// Expected exception, result of the union is null.
Console.WriteLine("The union of " + firstSite + " and \n\t" + secondSite + " = null.\n");
}
}
}
return returnCodeCode;
}
// This sample demonstrates the IsSubsetOf, Union, Intersect, Copy, ToXml and FromXml methods
// of the SiteIdentityPermission class.
using System;
using System.Security;
using System.Security.Permissions;
[assembly:CLSCompliant(true)]
public class SiteIdentityPermissionDemo
{
// IsSubsetOf determines whether the current permission is a subset of the specified permission.
private bool IsSubsetOfDemo()
{
bool returnCodeCode = true;
String site1,site2;
bool successFlag;
SiteIdentityPermission siteIdPerm1,siteIdPerm2;
SiteGenerator siteGen1 = new SiteGenerator();
SiteGenerator siteGen2 = new SiteGenerator();
siteGen1.ResetIndex();
while(siteGen1.CreateSite(out siteIdPerm1, out site1, out successFlag))
{
if(siteIdPerm1 == null | successFlag == false) continue;
siteGen2.ResetIndex();
Console.WriteLine("**************************************************************************");
while(siteGen2.CreateSite(out siteIdPerm2, out site2, out successFlag))
{
try
{
if(siteIdPerm2 == null | successFlag == false) continue;
if(siteIdPerm1.IsSubsetOf(siteIdPerm2))
{
Console.WriteLine(site1 + " is a subset of " + site2);
}
else
{
Console.WriteLine(site1 + " is not a subset of " + site2);
}
}
catch (Exception e)
{
Console.WriteLine ( "An exception was thrown : " + e);
return false;
}
}
}
return returnCodeCode;
}
// Union creates a new permission that is the union of the current permission
// and the specified permission.
private bool UnionDemo()
{
bool returnCodeCode = true;
String site1,site2;
bool successFlag;
SiteIdentityPermission siteIdPerm1,siteIdPerm2,p3;
SiteGenerator siteGen1 = new SiteGenerator();
SiteGenerator siteGen2 = new SiteGenerator();
siteGen1.ResetIndex();
while(siteGen1.CreateSite(out siteIdPerm1, out site1, out successFlag))
{
if(siteIdPerm1 == null | successFlag == false) continue;
siteGen2.ResetIndex();
Console.WriteLine("**************************************************************************");
while(siteGen2.CreateSite(out siteIdPerm2, out site2, out successFlag)) {
if(siteIdPerm2 == null | successFlag == false) continue;
String firstSite = site1 == null ? "null" : site1;
String secondSite = site2 == null ? "null" : site2;
try
{
p3 = (SiteIdentityPermission)siteIdPerm1.Union(siteIdPerm2);
String thirdSite = p3.Site == null ? "null" : p3.Site;
if(p3 != null)
{
Console.WriteLine("The union of " + firstSite + " and \n\t" + secondSite + " = \n\t"
+ thirdSite + "\n");
}
else
{
Console.WriteLine("The union of " + firstSite + " and \n\t" + secondSite + " = null.\n");
}
}
catch
{
// Expected exception, result of the union is null.
Console.WriteLine("The union of " + firstSite + " and \n\t" + secondSite + " = null.\n");
}
}
}
return returnCodeCode;
}
sunnyfigo 2003-10-20
- 打赏
- 举报
gz
liuyd 2003-10-20
- 打赏
- 举报
高手快来,,,
juge 2003-10-20
- 打赏
- 举报
UP!
stonec 2003-10-20
- 打赏
- 举报
自己来
tianshidechibang 2003-10-18
- 打赏
- 举报
我也UP一下
Nicholasqpl 2003-10-18
- 打赏
- 举报
学习!帮你的up一下
stonec 2003-10-18
- 打赏
- 举报
补充一点:3、数据库的安全性,想来应该比在asp下要好做,因为他本身的安全性教asp下的要好,但是还是担心。万一被入侵,就不是闹着玩的了(里面有客户资料)。还有iis怎么设置。
牛牛Alex 2003-10-17
- 打赏
- 举报
gz
zzffrr 2003-10-17
- 打赏
- 举报
有这样的方案共享……
pengpengpeng88 2003-10-17
- 打赏
- 举报
极度关注...
clxxj 2003-10-17
- 打赏
- 举报
极度关注...
