Setting Up Authentication

In software terms, authentication means determining who somebody is. This is completely separate from authorization, which means determining whether a certain person is allowed to do a certain thing. Authorization usually happens after authentication. Appropriately, ASP.NET’s authentication facility is concerned only with securely identifying visitors to your site and setting up a security context in which you can decide what that particular visitor is allowed to do.

Using Windows Authentication

The first kind of authentication we can use is Windows Authentication. This is where the details of users and their security credentials are stored and managed by the operating system. We essentially inherit whatever authentication ...

Get Applied ASP.NET 4 in Context now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.