Authentication is the process of obtaining identification credentials such as name and password from a user and validating those credentials against some authority. If the credentials are valid, the entity that submitted the credentials is considered an authenticated identity. Once an identity has been authenticated, the authorization process determines whether that identity has access to a given resource.
In ASP.Net, it provide the three types authentication Provider
- Window Authentication Provider
- Form Based Authentication Provider
- Passport Based Authentication
Window Authentication Provider:
Windows Authentication is the default authentication mechanism for ASP.NET applications and is identified as the authentication mode for an application using the authentication configuration element
In this Authentication, we set the window mode in web.config as
Form Based Authentication:
Forms authentication enables you to authenticate the user name and password of your users using a login form that you create. Unauthenticated requests are redirected to a login page, where the user provides credentials and submits the form.
How make the form based authentication
Step1: Firstly we set into web config file
Then we add the path of login page and give the name
<forms LoginUrl ="Default.aspx"name="pzqw"></forms>
Note: LoginUrl and name both are element of authentication. In LoginUrl, Logon.aspx is the URL to use for redirection if ASP.NET does not find an authentication cookie with the request. And name show the user value store in cookies.
Then we add the authorization for deny users
Save it and cancel
Passport Based Authentication
In Passport Based Authentication, the user because it is no longer necessary to log on to access new protected resources or sites. If you want your site to be compatible with Passport authentication and authorization, this is the provider you should use.We set the authentication mode in web config is Passport
Authentication is used for security purpose how we secure our site with outside user or invalid user.