Saturday, February 26, 2011

Various ways of authentication techniques in ASP.NET

Hi friend ,In this article I would like share some important points about various ways of authetication techniques
Selecting an authentication provider is as simple as making an entry in the webconfig  file for the application.we can use of these entries to select the corresponding bulit in authetication provider

<authentication mode=”windows”>
<authentication mode=”passport”>
<authentication mode=”forms”>

Windows authetication  : if we select authetication for our ASP.NET application ,we also have to configure authentication with in IIS.This is because Windows authentication .IIS gives you a choice for four authentication methods


If we select Anonymous,IIS does not perform any authentication ,anyone is allowed to access the ASP.Net application

If we select basic authentication ,Users must provide a windows username and password to connect.But the main drawback is ,this information is sent over the network in clear text

If we select digest authetication Users must provide a windows username and password to connect.but this information is hashed before it is sent

If we select windows integrated authentication ,password never cross the network. Users must still have a username and password,but the application uses the Kerboeros or challenge/response protocols  authenticate the user

Passport Authentication : To use the passport authentication we have to download the passport software Development Kit (SDK) and install it in your system.passport authentication is a microsoft’s passport service to authenticate the users of our application.if your users have signed up with passport ,and you configure the authentication mode of the application to the passport authetication.Passport uses an encrypted cookie mechanism to indicate autheticated users.

Forms Authetication : Forms authetication provides you with a way to ohandle auhtetication using your own cutom logic with in an ASP.NET application.the following applies if we choose forms authentication

àwhen a user requests apage for the application ,ASPNET checks for the presence  of a special session cookie .if the cookie is present ,ASP.Net assumes the user is authenticated  and process to request

àif the cookie isn’t present .ASPNET redirects the user to a web form you provide.

That’s it. If you have any queries please let me know.i am always ready to share my knowledge withyou..
About the Author
Sayyad is a Software Engineer, Blogger and Founder of Developers Code from India.His articles mainly focus on .Net (Web and Windows based applications), Mobile Technologies (Android,IPhone,BlackBerry) and SEO.

Labels: , , , , , ,


At April 29, 2011 at 7:19 PM , Anonymous ken said...

Nice article.......


Post a Comment

Subscribe to Post Comments [Atom]

Links to this post:

Create a Link

<< Home