blogspot visit counter

Sunday, 14 April 2013

difference between form authentication and windows authentication asp net

asp.net state management/session interview questions answer
ASP.NET has ways to Authenticate a user:
1) Forms Authentication :-
 Form authentication is used for internet and intranet based application.
This is provided so that web pages can make use of the local Windows User and Groups .

2) Windows Authentication :-
Windows authentication is the default authentication provided by the .net framework.


Windows Authentication provider is the default authentication provider for ASP.NET applications. When a user using this authentication logs in to an application, the credentials are matched with the Windows domain through IIS.


There are 4 types of Windows Authentication methods:
1) Anonymous Authentication - IIS allows any user
2) Basic Authentication - A windows username and password has to be sent across the network (in plain text format, hence not very secure).
3) Digest Authentication - Same as Basic Authentication, but the credentials are encrypted. Works only on IE 5 or above
4) Integrated Windows Authentication - Relies on Kerberos technology, with strong credential encryption



Forms Authentication
- This authentication relies on code written by a developer, where credentials are matched against a database. Credentials are entered on web forms, and are matched with the database table that contains the user information.
 ---------------------------------------------------------------------------------------------------------
Authentication And Authorization
Authentication is the process of identification and validation of a user's credentials. After the identity is authenticated,
a process called authorization determines whether that identity has access to a particular resource.
ASP.NET provides three ways to authenticate a user:
Forms authentication
Windows authentication
Passport authentication

Setting in web.config file given below

Forms authentication
<configuration>
<system.web>
<authentication mode="Forms"/>
<forms name="login"loginUrl="loginPage.aspx" />
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>

Windows authentication
<authentication mode="Windows"/>
<authorization>
<allow users ="*" />
</authorization>

Passport authentication
<configuration>
<system.web>
<authenticationmode="Passport">
<passportredirectUrl="loginPage.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>

df

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...