ASP.NET : Types of authentication and authorization

Types of authentication and authorization in ASP.NET

As we know that :
Authentication: - prove genuineness 
Authorization: - process of granting approval or permission on resources.


There are 4 ways of doing authentication and authorization in ASP.NET:-

Windows authentication: -

 In this methodology ASP.NET web pages will use local windows users and groups to authenticate and authorize resources.

Forms Authentication: - 

This is a cookie based authentication where username and password are stored on client machines as cookie files or they are sent through URL for every request. Form-based authentication presents the user with an HTML-based Web page that prompts the user for credentials.

Passport authentication: -

Passport authentication is based on the passport website provided by the Microsoft .So when user logins with credentials it will be reached to the passport website ( i.e. hotmail, devhood, windows live etc) where authentication will happen. If Authentication is successful it will return a token to your website.

Anonymous access: - 

If you do not want any kind of authentication then you will go for Anonymous access.

Generic Principal and Generic Identity objects represent users who have been authenticated using Forms authentication or other custom authentication mechanisms. With these objects, the role list is obtained in a custom manner, typically from a database.


Forms Identity and Passport Identity objects represent users who have been authenticated with Forms and Passport authentication respectively.

Other Post :




Comments