Chapter 8. Security

Introduction

ASP.NET provides an infrastructure for authentication and authorization that will meet most of your needs for securing an application. Three authentication schemes are available: Forms, Windows, and Passport.

Forms

With Forms authentication you use a classic custom login page to gather credentials from users and to authenticate the information supplied against a database or other data store of authorized users. You can also leverage the FormsAuthentication APIs built into ASP.NET to issue a cookie back to the client. Recipes in this chapter show you how to use Forms authentication to restrict access to some or all pages of an application. We also show you how to restrict access to pages depending on the role assigned to the user.
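As an added illustration (not taken from the book's recipes), the following `web.config` sketch shows how Forms authentication and URL authorization combine to protect a whole application, open one page to everyone, and limit a folder to one role. The file names `Login.aspx` and `Default.aspx`, the `Admin` folder, and the `Administrators` role are assumptions chosen for the example.

```xml
<configuration>
  <system.web>
    <!-- Forms authentication: requests without a valid ticket cookie are
         redirected to the login page named in loginUrl (assumed name). -->
    <authentication mode="Forms">
      <forms name=".ASPXAUTH"
             loginUrl="Login.aspx"
             protection="All"
             timeout="30"
             path="/"
             requireSSL="true"
             slidingExpiration="true" />
      <!-- protection="All" encrypts and validates the ticket;
           requireSSL="true" keeps the cookie off plain-HTTP requests. -->
    </authentication>

    <!-- Application-wide default: deny anonymous users ("?"). -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

  <!-- One page left open to everyone, including anonymous users ("*"). -->
  <location path="Default.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

  <!-- Role-restricted folder. Rules are evaluated top-down and the first
       match wins, so the allow must come before the catch-all deny. -->
  <location path="Admin">
    <system.web>
      <authorization>
        <allow roles="Administrators" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

The `allow roles` rule only takes effect if the application attaches role information to the authenticated user on each request; with Forms authentication that mapping is not supplied by Windows and has to come from the application's own user store.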

Windows

Implementing Windows authentication involves using a standard Windows dialog box to gather user credentials and validating the user against existing Windows accounts. If your application runs on an intranet, you will find that the last recipe in the chapter helps you implement Windows authentication in record time.

Passport

Passport authentication uses Microsoft’s Passport service to perform the required authentication. We haven’t provided any examples in this chapter, not because Passport authentication is especially difficult but because we doubt many readers are actually implementing it. Irrespective of our personal views, we have yet to see much interest in Passport authentication on a commercial level.

If none ...
