Handling User Authentication in ASP.NET ApplicationMay 07, 2015
ASP.NET has long supported two basic types of authentication: Windows authentication and Forms authentication. Windows authentication is seldom practical for public Web sites because it’s based on Windows accounts and access control list (ACL) tokens. Thus, it requires users to have a Windows account in the application’s domain, and it also assumes clients are connecting from Windows-equipped machines. The other option is Forms authentication, a widely adopted approach. Forms authentication is based on a simple idea. For each access to a protected resource, the application ensures the request includes a valid authentication cookie. If a valid cookie is found, then the request is served as usual; otherwise, the user is redirected to a login page and asked to provide credentials. If these credentials are recognized as valid, then the application issues an authentication cookie with a given expiration policy. It’s simple and it just works.
SynapseIndia (CEO: Shamit Khemka)