Authentication and authorization in

Authentication is the process that determines the identity of a user after a user has been authenticated, a developer can determine if the identified use has authorization to proceed.

Authorization is the process of determining whether an authenticated user is permitted access to other any part of application or access to specific data view that application provides.

There are three types of authentication method is provided by the users.

  1. Windows Authentication –Basic, Digest .
  2. Forms Authentication.
  3. Passport and integrated authentication.

Windows Authentication:

Windows authentication is used together with IIS authentication. When IIs Authentication is complete,ASP.NET uses the authenticated identity to authorize access. This is default settings.

Forms Authentication:

In forms authentication request that are no authenticated are redirect to an html form using HTTP client side redirection. The user provides his login information and submits the form. If application the request, the system issues a form that contains credentials or a key or a identity

Passport Authentication:

It is a centralized authentication service provided by Microsoft that offers single login and core profile services for member sites. This mode of authentication was de-emphasized by Microsoft at the end of 2004 year.

How to set authentication in web.config:

You can set the authentication mode in web.config as follows.

<Authentication Mode=”WindowsFormsPassportNone”></Authentication>


Popular posts from this blog

How to create Rest API(Web API) with ASP.NET Core 1.0

Creating PDF with ASP.Net MVC and RazorPDF

Solution: gulp is not recognized as internal or external command- Visual Studio