Chapter 26. Authentication
Security is an important component of many web sites that need to be able to verify whoever is accessing the information on the web site. Authentication refers to the process of identifying the users of your web site. It is the process of validating credentials, such as name and password, against some authority. The ASP.NET framework includes a couple of different ways to authenticate your users. Also, the framework includes a Membership provider that you can use to maintain a list of your users and a Role provider that you can use to associate users with roles. In this lesson you learn how to configure the two types of authentication providers and how to use both the Membership provider and the Role provider.
AUTHENTICATION PROVIDERS
These are the two types of authentication providers that ASP.NET provides:
Windows Authentication Provider — This provider uses the authentication built into the Windows operating system to secure the application.
Forms Authentication Provider — This provider uses a login form to secure the application. This is the default provider used by both Web Forms and MVC.
Authentication is configured by using the authentication element in the web.config file. This is the default value for the authentication element in a Web Forms application:
<configuration>
...
<system.web>
...
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="2880" />
</authentication>
</system.web>
</configuration>This is the default value ...
Get ASP.NET 4 24-Hour Trainer now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
