Codechef4u is a community for computer professionals,by computer professionals,just like you; who loves sharing and helping each others,Join them
Share your post

What are the Types of authentication available in ASP.NET?

There are three ways of doing authentication and authorization in ASP.NET:-

 Windows authentication: - 

In this technique ASP.NET web application will use local windows users and groups to authenticate and authorize resources.

Web.config sample settings:

   <configuration>
 
      <system.web>
 
         <authentication mode="Windows" />
 
         <authorization>
            <deny users="?"/>
         </authorization>
 
      </system.web>
 
   </configuration>


To permit all groups of an NT Group named Managers to have access to your resource

<configuration>
      <system.web>
         <authorization>
            <allow roles="domainname\Managers"/>
            <deny users="*"/>
         </authorization>
      </system.web>
   </configuration>


To permit only specific users:

   <configuration>
      <system.web>
         <authorization>
            <allow users="domainname\user1,domainname\user2,domainname\user3" />
            <deny users="*" />
         </authorization>
      </system.web>
   </configuration>

 

 Forms Authentication: - 

This authentication allows you to authenticate users by using your own code and then maintain an authentication token in a cookie or in the page URL.
This is customized authentication application user can use database user and password to access web application.

Web.config sample settings:

   <authentication mode="Forms">
      <forms name="SavingsPlan" loginUrl="/Login.aspx">
         <!--user and password custom settings-->
      </forms>
   </authentication>

 

Cookie use:

   <authentication mode="Forms">
<formstimeout="129600" protection="All" slidingExpiration="true" loginUrl="~/Account/login.aspx" cookieless="UseCookies"/>
    </authentication>

Passport authentication: - 

Passport authentication is based on the passport website provided By the Microsoft .So when user logins with credentials it will be reached to the passport website ( i.e. gmail,hotmail ,windows live etc) where authentication will happen. If Authentication is successful it will return a token to your website.

Anonymous access: - If you do not want any kind of authentication then you will go for Anonymous access.

Web.config sample settings:

   <configuration>
 
      <system.web>
 
         <authorization>
            <allow  users="?"/>
         </authorization>
 
      </system.web>
 
   </configuration>