Friday, December 1, 2017

AUTHENTICATION IN ASP.NET

Authentication is the process of obtaining identification credentials such as name and password from a user and validating those credentials against some authority. If the credentials are valid, the entity that submitted the credentials is considered an authenticated identity. Once an identity has been authenticated, the authorization process determines whether that identity has access to a given resource.

In ASP.Net, it provide the three types authentication Provider
  1.    Window Authentication Provider
  2.    Form Based Authentication Provider
  3.    Passport Based Authentication 
Window Authentication Provider:

Windows Authentication is the default authentication mechanism for ASP.NET applications and is identified as the authentication mode for an application using the authentication configuration element

In this Authentication, we set the window mode in web.config as 

<system.web>
<authentication mode="Windows"/>
</system.web>
Form Based Authentication:

Forms authentication enables you to authenticate the user name and password of your users using a login form that you create. Unauthenticated requests are redirected to a login page, where the user provides credentials and submits the form.

How make the form based authentication

Step1: Firstly we set into web config file

<system.web>
<authentication mode="Forms"/>
</system.web>
Then we add the path of login page and give the name
<system.web> 
<authentication mode="Forms">
 <forms LoginUrl ="Default.aspx"name="pzqw"></forms>
</authentication>
</system.web>

Note: LoginUrl and name both are element of authentication. In LoginUrl, Logon.aspx is the URL to use for redirection if ASP.NET does not find an authentication cookie with the request. And name show the user value store in cookies.

Then we add the authorization for deny users
<system.web> 
<authentication mode="Forms">
 <forms LoginUrl="Default.aspx"name="pzqw"></forms>
</authentication>
<authorization>
      <deny users="?"/>
    </authorization>
</system.web>

  Save it and cancel 

Passport Based Authentication

In Passport Based Authentication, the user because it is no longer necessary to log on to access new protected resources or sites. If you want your site to be compatible with Passport authentication and authorization, this is the provider you should use.We set the authentication mode in web config is Passport

Authentication is used for security purpose how we secure our site with outside user or invalid user.


No comments:

Post a Comment