Chapter 15. Authentication

only for RuBoard

IN THIS CHAPTER

  • Security Configuration

  • Types of Authentication

  • Using Forms Authentication

  • Role-based Forms Authentication

  • Summary

Authentication is the process of verifying a user 's identity against some authority such as an XML file or a database. Authentication is analogous to visiting an airport. Visitors are allowed in and can go into some areas. To get into other areas, such as the baggage handling area, a person must provide credentials to prove that he has the security clearance appropriate for the area. The level of clearance that a particular person has determines into which areas he is allowed. Web site authentication works in a similar fashion. With many Web sites, any visitor can view a portion of the Web site. Frequently, Web sites have " members -only" areas that require the user to be identified (authenticated).

When the user is authenticated, in other words, when the application can identify users, their requests for resources such as Web pages must be authorized. Authorization is the process of evaluating a user's credentials to determine if she can have access to the requested resource. In this chapter you will learn about the authentication types available to you in ASP.NET and how to authorize user requests. Specifically you will learn

  • Types of authentication

  • Security configuration options

  • Working with forms authentication

  • Enabling role-based authentication

ASP.NET provides a configuration file structure for maintaining user credentials. The default authentication format uses the configuration file, which includes usernames and passwords. The authentication classes are built with security in mind, and they provide methods for encrypting the passwords automatically.

only for RuBoard


Programming Data-Driven Web Applications with ASP. NET
Programming Data-Driven Web Applications with ASP.NET
ISBN: 0672321068
EAN: 2147483647
Year: 2000
Pages: 170

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net