What is authentication and which are the types of Authentication in Asp.NET?

Authentication is the process of validating client identity, usually by means of a designated third-party authority. The client might be an end user, computer, application, or service. The client's identity is called a security principal. To authenticate with a server application, the client provides some form of credentials to allow the server to verify the client's identity. After the client's identity is confirmed, the application can authorize the principal to perform operations and access resources.

Windows Authentication

The WindowsAuthenticationModule provider relies on IIS to provide authenticated users, using any of the mechanisms IIS supports. The provider module constructs a WindowsIdentity object. The default implementation constructs a WindowsPrincipal object and attaches it to the application context. The WindowsPrincipal object maps identities to Windows groups.

Forms authentication uses an authentication ticket that is created when a user logs on to a site, and then it tracks the user throughout the site. The forms authentication ticket is usually contained inside a cookie. However, ASP.NET version 2.0 supports cookieless forms authentication, which results in the ticket being passed in a query string.

Passport authentication is a centralized authentication service provided by Microsoft that offers a single logon and core profile services for member sites.

Source :
Windows : http://authors.aspalliance.com/aspxtreme/webapps/thewindowsauthenticationprovider.aspx
Forms : http://authors.aspalliance.com/aspxtreme/webapps/thecookieauthenticationprovider.aspx
Passport :http://authors.aspalliance.com/aspxtreme/webapps/thepassportauthenticationprovider.aspx


Post a Comment