As you no doubt already now it, the .NET Framework stores application configuration information in dedicated XML files, with the extension of .config. You can easily manage your application using these configuration files. When working with ASP.NET, the hierarchy is as follows:
- Machine web.config
- Root (application) web.config
- Subfolder web.config
There are four types of authentication in ASP.NET:
- Windows authentication
- Forms authentication (used by the membership API)
- Passport authentication (mostly obsolete, consider Windows Live instead)
- Anonymous access
Forms Authentication is a token-based auth method. After login, the user gets an encrypted cookie with the login information. This token can also be stored in the query string, but more of it later. The process is simple:
- The client makes a request.
- IIS (if configured properly for Forms Authentication) passes the request to ASP.NET.
- ASP.NET checks for an authentication cookie (or info). If found it, proceeds to step 7.
- Redirects the user to the login page (default Login.aspx in machine.config).
- User enters credentials, ASP.NET authenticated. If authentication fails, access will be denied.
- If authentication succeeds, a cookie will be attached.
- ASP.NET tests the authorization settings and the current user.
- If fails, access will be denied, else access granted.
Pros to use Forms Authentication:
- Full control over the authentication code, via Membership API.
I'm a software developer professionalizing in the .NET platform and iOs development. Here you can find my notes for Microsoft certifications.
Everyone who seeks, finds
- .NET (35)
- .NET 70-536 (35)
- Configuration, Diagnostic, Management and Installation Features (6)
- Globalization, Drawing and Text Manipulation (2)
- Improving the Security of a .NET Framework Application (5)
- Interoperability, Reflection and Mailing Functionality (3)
- Serialization and IO Functionality (7)
- Service Processes, Threading and Application Domains (2)
- System Types and Collections (6)
- .NET 70-536 (35)
- ADO.NET (24)
- ASP.NET (68)
- Application Architecture (1)
- ASP.NET 70-562 (44)
- PRO ASP.NET 70-564 (20)
- Design Patterns (10)
- Objective-C (4)
- Personal (4)
- Silverlight (6)
- SQL Server (43)
- 70-433 (27)
- 70-451 (16)
- WCF (8)
- Windows Azure (8)
- WPF (20)