Thursday, May 28, 2009

Authentication and authorization in asp.net

Authentication is the process that determines the identity of a user after a user has been authenticated, a developer can determine if the identified use has authorization to proceed.

Authorization is the process of determining whether an authenticated user is permitted access to other any part of application or access to specific data view that application provides.

There are three types of authentication method is provided by the asp.net users.

  1. Windows Authentication –Basic, Digest .
  2. Forms Authentication.
  3. Passport and integrated authentication.

Windows Authentication:

Windows authentication is used together with IIS authentication. When IIs Authentication is complete,ASP.NET uses the authenticated identity to authorize access. This is default settings.

Forms Authentication:

In forms authentication request that are no authenticated are redirect to an html form using HTTP client side redirection. The user provides his login information and submits the form. If application the request, the system issues a form that contains credentials or a key or a identity

Passport Authentication:

It is a centralized authentication service provided by Microsoft that offers single login and core profile services for member sites. This mode of authentication was de-emphasized by Microsoft at the end of 2004 year.

How to set authentication in web.config:

You can set the authentication mode in web.config as follows.

<Authentication Mode=”WindowsFormsPassportNone”></Authentication>

Share:

0 comments:

Post a Comment

Your feedback is very important to me. Please provide your feedback via putting comments.

Support this blog-Buy me a coffee

Buy me a coffeeBuy me a coffee
Search This Blog
Subscribe to my blog

  

My Mvp Profile
Follow us on facebook
Blog Archive
Total Pageviews