Security is an important component of many web sites that need to be able to verify whoever is accessing the information on the web site. Authentication refers to the process of identifying the users of your web site. It is the process of validating credentials, such as name and password, against some authority. The ASP.NET framework includes a couple of different ways to authenticate your users. Also, the framework includes a Membership provider that you can use to maintain a list of your users and a Role provider that you can use to associate users with roles. In this lesson you learn how to configure the two types of authentication providers and how to use both the Membership provider and the Role provider.
These are the two types of authentication providers that ASP.NET provides:
Windows Authentication Provider — This provider uses the authentication built into the Windows operating system to secure the application.
Forms Authentication Provider — This provider uses a login form to secure the application. This is the default provider used by both Web Forms and MVC.
Authentication is configured by using the
authentication element in the
web.config file. This is the default value for the
authentication element in a Web Forms application:
<configuration> ... <system.web> ... <authentication mode="Forms"> <forms loginUrl="~/Account/Login.aspx" timeout="2880" /> </authentication> </system.web> </configuration>
This is the default value ...