Understanding how to build secure SharePoint applications
With more and more SharePoint Farms running as extranet and intranet applications the importance of designing secure applications cannot be stressed enough. This article by Reza Alirezaei is a must read for all serious developers, architects and admins, who wish to thoroughly understand the security relevant aspects of the following topics in SharePoint:
- Identity and Principal Objects
- Web.config
- Web Parts and Custom Application Pages
- Event Handlers
- Timer Jobs
- Workflows
- Elevation of Privilege in Your Code
The article is a bit lengthy to read but definitely worthwhile.
