Using Forms Authentication

Forms authentication uses an HTML form–based login interface. The user supplies her credentials, typically a username and password, via the form. The credentials are authenticated against some authority, such as a database or XML file of users. When authenticated, a cookie is issued to the client. On each subsequent request, the cookie is appended to the request header. On each request, the user is authenticated and, if she is authorized for the requested resource, the requested resource is returned to the client. Listing 15.3 shows the security section of the web.config file to enable Forms Authentication.

Listing 15.3. Enabling Forms Authentication
 01: <authentication mode="Forms"> 02: <forms name="MyApp" loginUrl="PDDWA/C15/CSharp/login.aspx"> ...

Get Programming Data-Driven Web Applications with ASP.NET now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.