Building Secure ASP.NET Applications502
10. Verify that there is exactly one certificate with the fully qualified domain name
that you specified in the previous procedure.
You can double-click the certificate to view its details.
3. Install the Issuing CA’s Certificate on the Client
After the certificate has been installed and the SQL Server service has been re-
started, SQL Server can negotiate SSL with clients. Clients that use SSL to connect
to SQL Server must:
●
Have MDAC 2.6 or SQL Server 2000 connectivity libraries installed.
●
Trust the issuer of the SQL Server’s certificate.

To install the certificate of the issuing CA on the client computer
1. Log on to the client computer as an administrator.
2. Start Internet Explorer and browse to Microsoft Certificate Services, for example:
http://MyCA/certsrv
3. Click Retrieve the CA certificate or certificate revocation list, and then click
Next.
4. Click Install this CA certification path, and then click Yes in response to the
confirmation dialog to install the root certificate.
4. Force All Clients to Use SSL
You can configure the server to force all clients to use SSL (as described in this
procedure), or you can let clients choose whether or not to use SSL on a per-
connection basis (as described in the next procedure). The advantages of configur-
ing the server to force clients to use SSL are:
●
All communications are guaranteed to be secure.
●
Any unsecured connections are rejected.
The disadvantages are:

●
All clients must have MDAC 2.6 or SQL Server 2000 connectivity libraries
installed; earlier or generic libraries will fail to connect.
●
Connections that you do not need to secure suffer a slight performance overhead
due to the added encryption.
How To: Use SSL to Secure Communication with SQL Server 2000 503

To force all clients to use SSL
1. On the computer running SQL Server, click Server Network Utility in the
Microsoft SQL Server program group.
2. Click to select Force protocol encryption.
3. Verify that TCP/IP and/or named pipes are enabled.
SSL is not supported with other protocols.
4. Click OK to close the SQL Server Network Utility, and then click OK in response
to the SQL Server Network Utility message box.
5. Restart the SQL Server service.
All subsequent client connections will be required to use SSL, whether they
specify secure connections or not.
5. Allow Clients to Determine Whether to Use SSL
This procedure shows you how to configure SSL to allow clients to choose whether
or not to use SSL. You can either configure the client libraries to enforce the use
of SSL on all connections, or you can let individual applications choose on a per-
connection basis. The advantages of configuring the client are:
●
The overhead of SSL is incurred only for connections that truly require it.
●
Clients that do not support SSL with SQL Server can still connect.
If you adopt this approach, make sure that you are willing to allow unsecured
connections.


To reconfigure the server
1. On the computer running SQL Server, run the Server Network Utility.
2. Clear the Force protocol encryption check box.
3. Restart the SQL Server service.
4. Return to the client computer.

To use SSL for all client connections
With this approach, you configure the client libraries to use SSL for all connections.
This means that SQL Servers that do not support encryption and SQL Servers
earlier than SQL Server 2000 will not be accessible.
1. In the Microsoft SQL Server program group, click Client Network Utility.
2. Ensure that TCP/IP and/or named pipes are enabled.
3. Select Force protocol encryption.
Building Secure ASP.NET Applications504

To allow applications to choose whether or not to use encryption
With this approach applications use the connection string to determine whether or
not to use encryption. This allows each application to only use encryption when it is
needed.
1. If you are using the OLE-DB data provider to connect to SQL Server, set
Use Encryption for Data to true as shown in the following sample OLE-DB
connection string.
"Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist Security
Info=False;Initial Catalog=Northwind;Data Source=sql01;Use Encryption for
Data=True"
2. If you are using the SQL Server .NET data provider to connect to SQL Server, set
Encrypt to true as shown in the following example.
"Server=sql01;Integrated Security=SSPI;Persist Security
Info=False;Database=Northwind;Encrypt=True"

6. Verify that Communication is Encrypted
In this procedure you will use Network Monitor to verify that data sent between the
application server and database server is encrypted. You will start by sending data
in clear text form and then enable encryption first by configuring the server and
then by configuring the client.

To verify that communication is encrypted
1. On the client computer, use Visual Studio.NET to create a new C# Console
Application called SQLSecureClient.
2. Copy the following code to class1.cs replacing all of the existing code.
Note: Replace server name in the connection string with the name of your database server.
using System;
using System.Data;
using System.Data.SqlClient;
namespace SQLSecureClient
{
class Class1
{
[STAThread]
static void Main(string[] args)
{
How To: Use SSL to Secure Communication with SQL Server 2000 505
// Replace the server name in the following connection string with the
// name of your database server
SqlConnection conn = new SqlConnection(
"server='sql01';database=NorthWind;Integrated Security='SSPI'");
SqlCommand cmd = new SqlCommand("SELECT * FROM Products");
try
{
conn.Open();

cmd.Connection = conn;
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
Console.WriteLine("{0} {1}",
reader.GetInt32(0).ToString(),
reader.GetString(1) );
}
reader.Close();
}
catch( Exception ex)
{
}
finally
{
conn.Close();
}
}
}
}
3. On the Build menu, click Build Solution.
4. In order for Windows authentication to succeed between the two computers, you
must duplicate the account that you are currently interactively logged on to the
client computer with, on the database server computer. Ensure that the user
name and password matches. An alternative is to use a domain account that is
recognized by both computers.
You must also use SQL Server Enterprise Manager to create a database logon for
the newly created account and add a new database user for this logon to the
Northwind database.
5. On the database server computer, use the SQL Server Network Utility to disable

the use of encryption by ensuring that the Force protocol encryption option is
not selected.
6. On the database server computer, click Network Monitor in the Administrative
Tools program group.
Building Secure ASP.NET Applications506
Note: A limited version of Network Monitor is available with Windows 2000 Server. A full
version is available with Microsoft SMS.
If you do not have Network Monitor installed, go to Add/Remove Programs in Control
Panel, click Add/Remove Windows Components, select Management and Monitoring
Tools from the Windows Components list, click Details and select Network Monitor Tools.
Click OK, and then click Next, to install the limited version of Network Monitor. You may be
prompted for a Windows 2000 Server CD.
7. On the Capture menu, click Filter to create a new filter configured to view
TCP/IP network traffic sent between the database server and database server.
8. Click the Start Capture button.
9. Return to the client computer and run the test console application. A list of
products from the Northwind database should be displayed in the console
window.
10. Return to the database server and click the Stop and View Capture button
within Network Monitor.
11. Double-click the first captured frame to view the captured data.
12. Scroll down through the captured frames. You should see the SELECT statement
in clear text followed by the list of products retrieved from the database.
13. Now force the use of encryption for all connections by configuring the server
with the SQL Server Network Utility:
a. Use the SQL Server Network Utility to select Force protocol encryption.
b. Stop and restart the SQL Server service.
14. Return to Network Monitor and click the Start Capture button. In the Save File
dialog box, click No.
15. Return to the client computer and run the test console application once again.

16. Return to the database server computer and click Stop and View Capture within
Network Monitor.
17. Confirm that the data is now unintelligible (because it is encrypted).
18. Reconfigure the server to no longer force encryption:
a. Use the SQL Server Network Utility and clear the Force protocol encryption
check box.
b. Stop and restart the SQL Server service.
19. Start a new capture within Network Monitor and rerun the client application.
Confirm that the data is once again in clear text.
20. Return to the client computer and select Client Network Utility from the
Microsoft SQL Server program group.
How To: Use SSL to Secure Communication with SQL Server 2000 507
21. Select Force protocol encryption, and then click OK to close the Client Network
Utility.
22. Return to Network Monitor and click the Start Capture button. In the Save File
dialog box, click No.
23. Return to the client computer and run the test console application once again.
24. Return to the database server computer and click Stop and View Capture within
Network Monitor.
25. Confirm that the data is now unintelligible (because it is encrypted).
26. Note that, in all cases, SQL Server sends its server authentication certificate in
the clear to the client at the beginning of the communication sequence. This is
part of the SSL protocol. Note that this occurs even when neither the server nor
the client requires encryption.
Additional Resources
For information about how to install Network Monitor in Windows 2000, go to the
Microsoft Knowledge Base and search for the following articles:
●
“HOW TO: Install Network Monitor in Windows 2000 (Q243270)”
●

“HOW TO: Enable SSL Encryption for SQL Server 2000 with Certificate
Server”(Q276553)”
For more information about Network Monitor, see the “Network Manager” section
of the Microsoft Platform SDK on MSDN ( />/default.asp?url=/library/en-us/netmon/netmon/network_monitor.asp).

Base Configuration
The following table illustrates the base software configuration used during the
development and testing of the Building Secure ASP.NET Applications Guide.
Base Configuration Notes
Windows 2000 SP3 For more information, see the following Knowledge Base article:
.NET Framework SP2 “INFO: Determining Whether Service Packs Are Installed on .NET
Framework” (
/default.aspx?scid=kb;en-us;Q318785)
The .NET Framework Service Pack 2 can be downloaded from:
/>/default.asp
ASP.NET Notes
Running ASP.NET on In general, it’s not advisable to run your Web server on a domain
a domain controller controller, because a compromise of the machine is a compromise
of the domain. If you need to run ASP.NET on a domain controller,
you need to give the ASP.NET process account appropriate privileges
as outlined in the following Knowledge Base article:
“BUG: ASP.NET Does Not Work with the Default ASPNET Account on
a Domain Controller” (
/default.aspx?scid=kb;en-us;q315158)
ASP.NET Session State />Security Update
MDAC Notes
MDAC 2.6 is required Visual Studio .NET installs MDAC 2.7
by the .NET Framework
SQL Server 2000 Notes
SQL Server 2000 SP2


Configuration Stores and Tools
The combined authentication, authorization, and secure communication services
available to .NET Web applications are summarized in the following tables. The
tables show the various security services available to each of the core .NET Web
application technologies and for each one indicates where the related security
configuration settings are maintained and what tools are available to edit the
settings.
Note: Settings within the Internet Information Services (IIS) metabase are configured using the
IIS MMC snap-in, or programmatically via script. Settings maintained within machine.config or
web.config can be edited with any text editor (such as Notepad) or XML editor (such as the
Microsoft Visual Studio® .NET XML editor).
Table 1: IIS security

configuration
Authentication Configuration Tools
Anonymous IIS metabase IIS MMC snap-in
Basic
Digest Script
Windows Integrated
Client Certificates Makecert.exe can be used
to create test certificates
Authorization Configuration Tools
NTFS permissions Windows (NTFS) file Windows Explorer
(Windows ACLs) system Cacls.exe
Security templates
Secedit.exe
IP and DNS restrictions IIS metabase Group Policy
Secure Communication Configuration Tools
SSL Windows (NTFS) file IIS MMC snap-in

system Script
IPSec Machine’s local policy Local Security Policy MMC
(registry) or Microsoft snap-in
Active Directory® directory Domain security Policy MMC
service snap-in
Ipsecpol.exe
Building Secure ASP.NET Applications512
Table 1: IIS security

configuration
(continued)
Additional Gatekeepers Configuration Tools
IP address and domain IIS metabase IIS MMC snap-in
name restrictions Script
Table 2: ASP.NET security

configuration
Authentication Configuration Tools
Windows <authentication> element Notepad.exe
Forms of machine.config or Visual Studio .NET
Passport web.config Any XML editor
None (Custom)
Authorization Configuration Tools
URL authorization <authorization> element of Notepad.exe
Machine.config or Visual Studio .NET
Web.config Any XML editor
File authorization Windows (NTFS) file Windows Explorer
system Calcs.exe
Active Directory Security templates
– or – Secedit.exe

SAM database Group Policy
– or – For Windows groups, use
Custom data store (for the Active Directory Users
example, SQL Server) and Computers MMC snap-
in or (for local settings) use
the Computer Management
tool
.NET roles ADSI script
Net.exe
For custom groups –
depends on custom data
store
Table 3: Enterprise Services security

configuration*
Authentication Configuration Tools
DCOM/RPC authentication COM+ Catalog Component Services MMC
Note: Computer-wide snap-in
settings for serviced Script (Catalog automation
component (and regular objects)
DCOM) proxies is
maintained in
Machine.config.
Configuration Stores and Tools 513
Authorization Configuration Tools
Enterprise Services COM+ Catalog Component Services MMC
(COM+) roles snap-in
Script (Catalog automation
objects)
Windows ACLs (when Windows (NTFS) file Windows Explorer

using impersonation in system Cacls.exe
serviced component) Security templates
Secedit.exe
Group Policy
Secure Communication Configuration Tools
RPC encryption COM+ Catalog Component Services
(packet privacy) Note: Computer-wide Script (Catalog automation
settings for serviced objects)
component (and regular
DCOM) proxies is
maintained in
Machine.config.
IPSec Machine’s local policy Local Security Policy MMC
(registry) or Active Directory snap-in
Ipsecpol.exe
* The security services for Enterprise Service components apply both to components hosted by server and
library applications. However, certain restrictions apply for library applications because many of the security
defaults are inherited from the host process and as a result are not directly configurable. Process-wide
authentication may also be explicitly switched off by library applications. For more details, see Chapter 9,
“Enterprise Services Security.”
Table 4: Web Services (Implemented using ASP.NET) security configuration
Authentication Configuration Tools
Windows <authentication> element Notepad
of Machine.config or Visual Studio .NET
Web.config Any XML editor
Custom Custom data store (for Depends on custom store.
example. SQL Server or
Active Directory)
Building Secure ASP.NET Applications514
Table 4: Web Services (Implemented using ASP.NET) security configuration

(continued)
Authorization Configuration Tools
URL Authorization Web.config Notepad
Visual Studio .NET
Any XML editor
File Authorization Windows (NTFS) file Windows Explorer
system Cacls.exe
Security templates
Secedit.exe
Group Policy
.NET roles Active Directory For Windows groups, use
– or – the Active Directory Users
SAM database and Computers MMC snap-
– or – in or (for local settings) use
Custom data store (for the Computer Management
example, SQL Server) tool
ADSI script
Net.exe
For custom groups
– depends on custom store
Secure Communication Configuration Tools
SSL IIS metabase IIS MMC snap-in
Script
IPSec Machine’s local policy Local Security Policy MMC
(registry) or Active Directory snap-in
Ipsecpol.exe
Table 5: .NET Remoting security configuration** (When hosted by ASP.NET using HTTP Channel)
Authentication Configuration Tools
Windows IIS metabase IIS MMC snap-in Script
Custom Custom data store (for Depends on custom store

example SQL Server)
Configuration Stores and Tools 515
Authorization Configuration Tools
URL authorization Web.config Notepad
Visual Studio .NET
Any XML editor
File authorization Windows (NTFS) file Windows Explorer
system Cacls.exe
Security templates
Secedit.exe
Group Policy
.NET roles Active Directory For Windows groups, use
– or – the Active Directory Users
SAM database and Computers MMC snap-
– or – in or (for local settings) use
Custom data store (for the Computer Management
example, SQL Server tool
ADSI script,
Net.exe
For custom groups –
depends on custom store
Secure Communication Configuration Tools
SSL IIS metabase IIS MMC snap-in Script
IPSec Machine’s local policy Local Security Policy MMC
(registry) or Active Directory snap-in
Ipsecpol.exe
** The security services shown for .NET Remoting assumes that the .NET remote component is hosted within
ASP.NET and is using the HTTP channel. No default security services are available to .NET remote components
hosted outside of IIS (for example, in a custom Win32 process or Win32 service) using the TCP channel. For
more details, see Chapter 11, “.NET Remoting Security.”

Building Secure ASP.NET Applications516
Table 6: .SQL Server security configuration
Authentication Configuration Tools
Integrated Windows SQL Server SQL Server Enterprise Manager
SQL Server Enterprise Manager
SQL Server standard SQL Server
authentication
Authorization Configuration Tools
Object permissions SQL Server SQL Server Enterprise Manager
Database roles Osql.exe (Database script)
Server roles
User defined database
roles
Application roles
Secure Communication Configuration Tools
SSL Server’s machine certificate Certificates MMC snap-in
store Server Network Utility
Client and server registry Client Network Utility
settings
Connection string
IPSec Machine’s local policy Local Security Policy snap-in
(registry) or Active Directory Ipsecpol.exe
Reference Hub
This section provides a series of reference links to articles, support roadmaps, and
technology hubs that relate to the core areas covered by the Building Secure ASP.NET
Applications guide. Use this section to help locate additional background reading
and useful articles. This section has a consolidated set of pointers for the following:
●
MSDN articles and hubs from MSDN ( />●
Knowledge Base articles and roadmaps for support ( />●

Articles and hubs from Microsoft.com ( />●
Seminars from Microsoft Online Seminars ( />●
Support WebCasts ( />●
How To articles on MSDN ( />For security specific How Tos, see />●
Articles and resources on GotDotNet ( />Searching the Knowledge Base
You can search the Microsoft Knowledge Base from two locations:
●
Directly from Microsoft’s Support site ( />●
Indirectly from MSDN’s search facility ( />When you search the Knowledge Base, you can supplement your search with
keywords to help refine the articles that appear as a result of your search.
The following example uses the support search site, but similar concepts apply
when searching from MSDN.

To search the Knowledge Base, from
1. In the Search the Knowledge Base box, select All Microsoft Search Topics (the
default selection).
2. In the For solutions containing (optional) box, type your search criteria. You can
use a combination of Knowledge Base keywords and search criteria.
The following list shows some example Knowledge Base keywords:
●
kbAspNet – Returns ASP.NET articles.
●
kbAspNet kbSecurity – Returns ASP.NET articles that discuss security issues.
●
kbAspNet impersonation – Returns ASP.NET articles that discuss impersonation.
Note that impersonation is not a keyword; it is simply an additional search crite-
rion, which helps to refine the search.
Building Secure ASP.NET Applications518
Tips
●

To access additional search options, click Show options.
●
To make sure the search includes all of the words you enter, click All of the
words entered in the Using field.
●
To limit the age of articles returned from the search, select a value from the
Maximum Age field.
●
To show more search results than the default 25, enter a value into the Results
Limit field.
You may find the following Knowledge Base keywords helpful:
●
Security: kbSecurity
●
Roadmaps: kbArtTypeRoadmap
●
How Tos: kbHowToMaster
You can use the preceding keywords in conjunction with the following technology
and product keywords:
●
ADO.NET: kbAdoNet
●
ASP.NET: kbAspNet
●
Enterprise Services: kbEntServNETFRAME
●
Web Services: kbWebServices
●
Remoting: kbRemoting
.NET Security

Hubs
●
MSDN: .NET Security Hub: />/Default.asp?contentid=28001369
●
GotDotNet: .NET Security: />Active Directory
Hubs
●
Microsoft.com: Active Directory information: />●
MSDN Active Directory information: />/default.asp?url=/nhp/Default.asp?contentid=28000413
Reference Hub 519
Key Notes
●
Transitive trust is always available between domains in the same forest. Only
“external trusts,” which are not transitive, are available in separate forests in
Windows 2000.
●
Active Directory installations in perimeter networks (also known as DMZ,
demilitarized zones, and screened subnets) should always be in a separate forest,
not just a separate domain. The forest is the security boundary. This concept is
illustrated in Chapter 6, “Extranet Security.”
●
If you need more than 5,000 members in a group then you need either .NET
Server (which supports direct group membership of arbitrary sizes) or nested
groups. The Commerce Server 2000 Software Development Kit (SDK) uses nested
groups. However, the SDK is not required.
Articles
●
Active Directory Extranet Adoption Fueled by Internet Scalability and Rapid
Return on Investment: />/05-08ADMomentumPR.asp
●

Netegrity SiteMinder 4.61 with Microsoft Active Directory AuthMark Perfor-
mance: />ADO.NET
Roadmaps and Overviews
●
INFO: Roadmap for Using ADO in .NET:
/default.aspx?scid=kb;EN-US;Q308044
●
INFO: Roadmap for ADO.NET DataSet Objects and XML Web Services
(Q313648): />Seminars and WebCasts
●
Advanced ADO.NET Online Seminars: />ASP.NET
Hubs
●
MSDN : ASP.NET Developer Center: />/default.asp?url=/nhp/default.asp?contentid=28000440
●
Support: ASP.NET Support Center:
/default.aspx?scid=fh;EN-US;aspnet
Building Secure ASP.NET Applications520
Roadmaps and Overviews
●
INFO: ASP.NET Roadmap:
/>●
INFO: ASP.NET Security Overview:
/>●
INFO: ASP.NET HTTP Modules and HTTP Handlers Overview:
/>●
INFO: ASP.NET Configuration Overview:
/>Knowledge Base
The following keywords help retrieve ASP.NET articles:
●

Show ASP.NET articles: kbAspNet
●
Show ASP.NET articles related to security: kbAspNet kbSecurity
Articles
●
Managed Security Context in ASP.NET: />/default.asp?url=/nhp/Default.asp?contentid=28000440
How Tos
●
HOW TO: Implement Forms-Based Authentication in Your ASP.NET Application
by Using C# .NET:
/>●
HOW TO: Secure ASP.NET Application Using Client-Side Certificate:
/>●
HOW TO: Secure an ASP.NET Application by Using Windows Security:
/>●
HOW TO: Implement Role-Based Security in ASP.NET App by Using C#:
/>●
HOW TO: Create Keys with VB .NET for Use in Forms Authentication:
/>●
HOW TO: Create Keys w/ C# .NET for Use in Forms Authentication:
/>●
HOW TO: Control Authorization Permissions in ASP.NET Application:
/>Reference Hub 521
●
HOW TO: Authenticate Against the Active Directory by Using Forms:
/>●
HOW TO: Implement Role-Based Security with Forms-Based Authentication in
Your ASP.NET Application by Using Visual Basic .NET:
/>For more ASP.NET related How Tos, you can search using the following KB
keywords:

●
kbAspNet
●
kbHowToMaster
Seminars and WebCasts
●
Support WebCast: Microsoft ASP.NET Security:
/>/servicedesks/webcasts/wc112001/wcblurb112001.asp
Enterprise Services
Knowledge Base
●
HOW TO: Search for Enterprise Services in the Knowledge Base and MSDN:
/>●
HOWTO: Search for COM+ Knowledge Base Articles:
/>Roadmaps and Overviews
●
INFO: Roadmap for .NET Enterprise Services:
/default.aspx?scid=kb;en-us;Q308672
●
Serviced Component Overview:
/>/cpconservicedcomponentoverview.asp
●
COM+ Integration: How .NET Enterprise Services Can Help You Build
Distributed Applications:
/>/complus0110.asp
●
Understanding Enterprise Services (COM+) in .NET:
/>/entserv.asp
Building Secure ASP.NET Applications522
How Tos

●
Q305683 – BETA-HOWTO: Create a Simple Serviced Component that Uses
Transactions in C#: http://kbtools/PreviewWEB/PreviewQ.asp?Q=305683
●
Q305679 – HOWTO: Sign Your Assembly with a Strong Name Using SN.EXE:
http://kbtools/PreviewWEB/PreviewQ.asp?Q=305679
FAQs
●
Enterprise Services FAQ:
/>Seminars and WebCasts
●
Support WebCast: Microsoft COM+ and the Microsoft .NET Framework:
/>/servicedesks/webcasts/wc032202/wcblurb032202.asp
●
Support WebCast: COM Threading and Application Architecture in COM+
Applications:
/>/servicedesks/webcasts/wc051801/wcblurb051801.asp
IIS (Internet Information Server)
Hubs
●
Microsoft.com: IIS : />●
Support: IIS 5 Support Center: IIS
/default.aspx?scid=fh;EN-US;iis50
Remoting
Roadmaps and Overviews
●
An Introduction to Microsoft .NET Remoting Framework:
/>/introremoting.asp?frame=true
●
Microsoft .NET Remoting: A Technical Overview:

/>/hawkremoting.asp
Reference Hub 523
How Tos
●
Remoting Basic and Advanced samples:
/>/remoting.asp
●
IPrincipal remoting sample:
/>Seminars and WebCasts
●
Develop Distributed Applications using Microsoft .NET Remoting: http://
www.microsoft.com/Seminar/Includes/Seminar.asp?Url=/Seminar/en/Developers
/20020531devt1-54/Portal.xml
●
Support WebCast: Microsoft .NET Framework: .NET Remoting Essentials
/>/servicedesks/webcasts/wc040402/wcblurb040402.asp
SQL Server
Hubs
●
MSDN: SQL Server: />/Default.asp?contentid=28000409
●
Support: SQL Server Support Center:
/>Seminars and WebCasts
●
Microsoft SQL Server 2000: How to Configure SSL Encryption
/>/servicedesks/webcasts/wc042302/wcblurb042302.asp
Visual Studio .NET
Hubs
●
Support: Visual Studio .NET Support Center:

/default.aspx?scid=fh;EN-US;vsnet
Roadmaps and Overviews:
●
HOW TO: Use the Key Productivity Features in Visual Studio .NET:
/>Building Secure ASP.NET Applications524
Web Services
Hubs
●
MSDN.Microsoft.Com: Web Services:
/>/Default.asp?contentid=28000442
Roadmaps and Overviews
●
INFO: Roadmap for ADO.NET DataSet Objects and XML Web Services
(Q313648):
/>●
INFO: Roadmap for XML Serialization in the .NET Framework:
/>●
INFO: Roadmap for XML in the .NET Framework:
/>●
XML Web Services Technology Map:
/>/Techmap_websvcs.asp?frame=true
●
House of Web Services:
;
/>How Tos
●
HOW TO: Secure XML Web Services with SSL in Windows 2000:
/>Seminars and WebCasts
●
Support WebCast: Microsoft ASP.NET: Advanced XML Web Services Using

ASP.NET:
/>/servicedesks/webcasts/wc032802/wcblurb032802.asp
●
Support WebCast: Microsoft .NET: Introduction to Web Services:
/>/servicedesks/webcasts/wc012902/wcblurb012902.asp
Search Online Seminars at for:
●
How to Migrate Windows DNA Applications to .NET and XML Web Services
●
XML Web Services – Authoring, Consuming, Testing and Deploying
Reference Hub 525
●
Best Practices for Building Web Services with Microsoft Visual Studio .NET
●
Advanced Web Services
Windows 2000
Hubs
●
Microsoft.com: Windows 2000 :
/>●
Support.Microsoft.Com: Windows 2000 Support Center:
/>●
MSDN.Microsoft.Com:
/>/Default.asp?contentid=28000458
●
TechNet.Microsoft.Com:
/>/windows2000serv/Default.asp