Setting Up Authentication

In software terms, authentication means determining who somebody is. This is completely separate from authorization, which means determining whether a certain person is allowed to do a certain thing. Authorization usually happens after authentication. Appropriately, ASP.NET’s authentication facility is concerned only with securely identifying visitors to your site and setting up a security context in which you can decide what that particular visitor is allowed to do.

Using Windows Authentication

The first kind of authentication we can use is Windows Authentication. This is where the details of users and their security credentials are stored and managed by the operating system. We essentially inherit whatever authentication ...

Get Applied ASP.NET 4 in Context now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.