Saturday, 19 April 2014

What are the Authentication Methods in Asp.Net


Ans) Asp.Net provides three types of authentications based on project. We have to decide which type of authentication is suitable for us. A project can have only on authenticate type.
The following authentications are supported by Asp.Net
·        Windows Authentication.
·        Passport Authentication
·        Forms Authentication.
Windows Authentication:  
·        Client makes a request for secured web page.
·        IIS will take the request and checks for identity and redirects “login window” in order to access the secured page.
·        User enters the credentials and submits back to server. Now IIS will check the username /password against o/s account’s or With configured accounts and when found creates identity for users with this identity user enters into asp.net and gets the secured page as the result.
 Passport Authentication :
  •        It is a third party authentication which means we use another website in order to authenticate our user.
  •         Client makes a request for a secured web  page.
  •         IIS allows user as anonymous which is compulsory in order to implement any other authentication method.
  •         User enters into ASP.Net and this time it redirects user to passport.com website as the user is anonymous and doesn’t hold passport identity.
  •         Now passport will return login page to the user. Where user enters credentials and resubmits to passport. Passport checks and creates identity called Passport Identity. After creating identity it redirects the user back to website. Again IIS allows and this time ASP.Net also allows user with security.

Forms Authentication:
  •        In  Forms Authentication Asp.net only performs authentication using the data source defined by user. It is most suitable for commercial web application or internet based application.
  •         Client makes the request for secured web page.
  •         IIS will allow the user as anonymous and redirects the user to asp.net
  •         Now asp.net checks for forms authentication ticket, in absence sends login.aspx page to client. This page should be created by user and it should be also be in root directory of application.
  •         Client enters the required credentials and resubmits the same to asp.net (via IIS) Asp.net process the form and creates forms authentication ticket.
  •         Now Asp.net redirects secured page to user.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)