What is Authorization and Authentication in asp.net?
Authentication: - prove genuineness
Authorization: - Process of granting approval or permission on resources to user or role.
Type of authentication
• Windows authentication: - In this authentication web pages will use local windows users and groups to authenticate and authorize resources.
Example :-
<?xml version="1.0"?>
<configuration>
<system.web>
<!--
The <authentication> section enables configuration of the security authentication mode used by ASP.NET to identify an incoming user.
-->
<authentication mode="Windows" />
</system.web>
</configuration>
• Forms Authentication: - This is a cookie based authentication where username and password are stored on client machines as cookie files or they are sent through URL for every request. Form-based authentication presents the user with an HTML-based Web page that prompts the user for credentials.
Example:-
<?xml version="1.0"?>
<configuration>
<system.web>
<authentication mode="Forms"/>
<authorization>
<deny users="?"/> <!--This will restrict anonymous user access-->
</authorization>
</system.web>
<location path="profile_page.aspx"> <!-- Path of your profile_page.aspx page -->
<system.web>
<authorization>
<allow users="*"/> <!-- This will allow users to access to everyone to profile_page.aspx -->
</authorization>
</system.web>
</location>
</configuration>
• Passport authentication: - Passport authentication relies on a centralized service provided by Microsoft. Passport authentication identifies a user with using his or her e-mail address and a password and a single Passport account can be used with many different Web sites. Passport authentication is primarily used for public Web sites with thousands of users. But Passport authentication is not widely used. It’s used to authenticate in Microsoft database, (Hotmail, live.com, etc)
What is Authorization and Authentication in asp.net?
Reviewed by NEERAJ SRIVASTAVA
on
5:27:00 PM
Rating:
No comments: