Home > DeveloperSection > Blogs > Role base security and cryptography in .net

Role base security and cryptography in .net

.NET Security  Cryptography 
0 Comment(s)
 705  View(s)
Rate this:

Role base security and cryptography in .net

In this blog, I’m explaining about Role base security and cryptography in .NET

Role Base security in .NET

1.       Use forms authentication to obtain and validate user credentials.

2.       Create forms Authentication Ticket objects based on name and roles retrieved from the data store.

3.       User Generic principle class that provides the roles-based authorization checking functionality. ASP.NET requires it to be stored in the HttpContext. User to relate it current application Http request.

4.       Use these objects to make authorization decisions.

5.       .NET Framework provides support for the implementation of role based security which consist of Authentication (identity) and Authorization (rights).

6.       The .NET provides access to the user through an identity and authorization access by principal object.

7.       Identities corresponds to users and their properties.identity classes belong to system.security.principal Namespace.

8.       Roles are string of role names added to a Principal to associate the current user with his assigned roles.



 Cryptography is a method used to protect the information and data from other parties that might use that data for any illegal activity.

ASP.NET provides a new class as Crypto present in System.Web.Helpers namespace.

Using the Crypto Class

The Crypto class contain the simplified versions of the cryptography.

The class is a static class, which means you cannot create an instance of this class.

Using the Method

1.       String GeneratingSalt()

This  method generates a new Salt to be  added to the input string before the hashing process would start.

2.       String Hash()

This function hashes the input string using either the default (SHA-256) algorithm or user can pass  algorithm for the ASP.NET to use to hash the password into.


3.       String HashPassword()

This  function return an RFC 2898 hash value of the  input sting passed by the user.


4.       Sting SHA1

Return the SHA1 hashed value for the input string provided.


5.       String SHA256

The algorithm used is SHA-256


6.       Bool VerifyHashPassword

This method would check for the password sent by the user.


Don't want to miss updates? Please click the below button!

Follow MindStick