Thursday, April 18, 2013

ASP.NET Authentication

Posted by Rahul Kharde at 3:45 AM

What is Authentication?

Authenticating a user on a website means that you verify that this user is a valid user, that is, verifying who the user is using username/password or certificates, etc

Authentication knows the identity of the user

Authentication verifies who you are

Example: When you login to access some site then your logon credential (userid/password) identifies

There are three ways of doing authentication and authorization in ASP.NET

Windows based Authentication:

When you are providing access to the resources based on the network level login then it is called as “Windows based Authentication”.

The windows based authentication is applicable only towards private website of the organization i.e. intranet based implementation.

Credentials are stored in the Web server s local user database or an Active Directory 

. Once identified you can use the user s credentials to gain access to resources that are protected by Windows authorization

Form based Authentication:

Using forms authentication we can decide certain users can access only certain pages or we can control the anonymous access, we can implement folder level access and roles.

When u want to provide access to the resources based on the credentials provided with custom login page then it is called as “Form Based Authentication

The custom login page will be designed by the developer and credentials can be verified with the database server.

When client makes a request to the webpage other than “Login.aspx”, the web server will respond with Login page. Once the user submits proper credentials, web server will respond with requested webpage along with security token.

The security token will be sent to the client system in the form of cookie. This will act as an identity for the user for sub sequent requests.

The form based authentication is applicable for the public website i.e. internet level implementation.

Passport Authentication:

Passport authentication identifies a user with using his or her e-mail address and a password and a single Passport account can be used with many different Web sites. Passport authentication is primarily used for public Web sites with thousands of users. 

Passport authentication is an authentication for collection of Websites, so it is called as “Single sign on Service”.

The major problem with this Authentication is users’ information will be under the control of Microsoft.

Passport authentication relies on a centralized service provided by Microsoft.

If you enjoyed this post and wish to be informed whenever a new post is published, then make sure you subscribe to my regular Email Updates. Subscribe Now!

Kindly Bookmark and Share it:



Have any question? Feel Free To Post Below:


Popular Posts

Recent Comments

© 2011. All Rights Reserved | Help to understand .Net | Template by Blogger Widgets

Home | About | Top