ASP.NET has ways to Authenticate a user:
1) Forms Authentication :-
Form authentication is used for internet and intranet based application.
This is provided so that web pages can make use of the local Windows User and Groups .
2) Windows Authentication :-
Windows authentication is the default authentication provided by the .net framework.
Windows Authentication provider is the default authentication provider for ASP.NET applications. When a user using this authentication logs in to an application, the credentials are matched with the Windows domain through IIS.
There are 4 types of Windows Authentication methods:
1) Anonymous Authentication - IIS allows any user
2) Basic Authentication - A windows username and password has to be sent across the network (in plain text format, hence not very secure).
3) Digest Authentication - Same as Basic Authentication, but the credentials are encrypted. Works only on IE 5 or above
4) Integrated Windows Authentication - Relies on Kerberos technology, with strong credential encryption
Forms Authentication - This authentication relies on code written by a developer, where credentials are matched against a database. Credentials are entered on web forms, and are matched with the database table that contains the user information.
1) Forms Authentication :-
Form authentication is used for internet and intranet based application.
This is provided so that web pages can make use of the local Windows User and Groups .
2) Windows Authentication :-
Windows authentication is the default authentication provided by the .net framework.
Windows Authentication provider is the default authentication provider for ASP.NET applications. When a user using this authentication logs in to an application, the credentials are matched with the Windows domain through IIS.
There are 4 types of Windows Authentication methods:
1) Anonymous Authentication - IIS allows any user
2) Basic Authentication - A windows username and password has to be sent across the network (in plain text format, hence not very secure).
3) Digest Authentication - Same as Basic Authentication, but the credentials are encrypted. Works only on IE 5 or above
4) Integrated Windows Authentication - Relies on Kerberos technology, with strong credential encryption
Forms Authentication - This authentication relies on code written by a developer, where credentials are matched against a database. Credentials are entered on web forms, and are matched with the database table that contains the user information.
---------------------------------------------------------------------------------------------------------
Authentication And Authorization
Authentication is the process of identification and validation of a user's credentials. After the identity is authenticated,
a process called authorization determines whether that identity has access to a particular resource.
ASP.NET provides three ways to authenticate a user:
Forms authentication
Windows authentication
Passport authentication
Setting in web.config file given below
Forms authentication
<configuration>
<system.web>
<authentication mode="Forms"/>
<forms name="login"loginUrl="loginPage.aspx" />
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
Windows authentication
<authentication mode="Windows"/>
<authorization>
<allow users ="*" />
</authorization>
Passport authentication
<configuration>
<system.web>
<authenticationmode="Passport">
<passportredirectUrl="loginPage.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
df
Authentication And Authorization
Authentication is the process of identification and validation of a user's credentials. After the identity is authenticated,
a process called authorization determines whether that identity has access to a particular resource.
ASP.NET provides three ways to authenticate a user:
Forms authentication
Windows authentication
Passport authentication
Setting in web.config file given below
Forms authentication
<configuration>
<system.web>
<authentication mode="Forms"/>
<forms name="login"loginUrl="loginPage.aspx" />
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
Windows authentication
<authentication mode="Windows"/>
<authorization>
<allow users ="*" />
</authorization>
Passport authentication
<configuration>
<system.web>
<authenticationmode="Passport">
<passportredirectUrl="loginPage.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
df