articles

Home / DeveloperSection / Articles / Authentication in ASP.NET

Ask Question

Authentication in ASP.NET

Amit Singh 8485 27-Nov-2010

Authentication is the process of obtaining identification credentials such as name and password from a user and validating those credentials against some authority. If the credentials are valid, the entity that submitted the credentials is considered an authenticated identity. Once an identity has been authenticated, the authorization process determines whether that identity has access to a given resource.

In ASP.Net, it provide the three types authentication Provider
  1.    Window Authentication Provider
  2.    Form Based Authentication Provider
  3.    Passport Based Authentication 
Window Authentication Provider:

Windows Authentication is the default authentication mechanism for ASP.NET applications and is identified as the authentication mode for an application using the authentication configuration element

In this Authentication, we set the window mode in web.config as 

<system.web>
<authentication mode="Windows"/>
</system.web>
Form Based Authentication:

Forms authentication enables you to authenticate the user name and password of your users using a login form that you create. Unauthenticated requests are redirected to a login page, where the user provides credentials and submits the form.

How make the form based authentication

Step1: Firstly we set into web config file

<system.web>
<authentication mode="Forms"/>
</system.web>
Then we add the path of login page and give the name
<system.web> 
<authentication mode="Forms">
 <forms LoginUrl ="Default.aspx"name="pzqw"></forms>
</authentication>
</system.web>

Note: LoginUrl and name both are element of authentication. In LoginUrl, Logon.aspx is the URL to use for redirection if ASP.NET does not find an authentication cookie with the request. And name show the user value store in cookies.

Then we add the authorization for deny users
<system.web> 
<authentication mode="Forms">
 <formsLoginUrl="Default.aspx"name="pzqw"></forms>
</authentication>
<authorization>
      <denyusers="?"/>
    </authorization>
</system.web>

  Save it and cancel 

Passport Based Authentication

In Passport Based Authentication, the user because it is no longer necessary to log on to access new protected resources or sites. If you want your site to be compatible with Passport authentication and authorization, this is the provider you should use.We set the authentication mode in web config is Passport

Authentication is used for security purpose how we secure our site with outside user or invalid user.


asp.netasp.net 
Updated 29-Nov-2017
Amit Singh

Amit Singh

Follow

Leave Comment

2 Comments

View All Comments
Anonymous User

Anonymous User

23-Feb-2019

Thank You.

John Smith

John Smith

25-Mar-2011
Thanks!
Very Good Article.

Comments

Liked By