ASP.NET : Types of authentication and authorization
Types of authentication and authorization in ASP.NET
As we know that :
Authentication: - prove genuineness
Authorization: - process of granting approval or permission on resources.
Authorization: - process of granting approval or permission on resources.
There are 4 ways of doing authentication and
authorization in ASP.NET:-
Windows authentication: -
In this methodology ASP.NET web
pages will use local windows users and groups to authenticate and authorize
resources.
Forms Authentication: -
This is a cookie based
authentication where username and password are stored on client machines as
cookie files or they are sent through URL for every request. Form-based
authentication presents the user with an HTML-based Web page that prompts the
user for credentials.
Passport authentication: -
Passport authentication is
based on the passport website provided by the Microsoft .So when user logins
with credentials it will be reached to the passport website ( i.e. hotmail, devhood,
windows live etc) where authentication will happen. If Authentication is
successful it will return a token to your website.
Anonymous access: -
If you do not want any kind of
authentication then you will go for Anonymous access.
Generic Principal and Generic Identity objects represent
users who have been authenticated using Forms authentication or other custom
authentication mechanisms. With these objects, the role list is obtained in a
custom manner, typically from a database.
Forms Identity and Passport Identity objects represent users
who have been authenticated with Forms and Passport authentication respectively.
Comments
Post a Comment