When you begin a program for a customer using ASP.NET, you should consider about security. Security is one of the most important components of any application. Security is even more important when you are making a web application which is exposed to million of users. ASP.NET provides classes and methods that ensure that the application is secure from outside attacks. In this article we will investigate the different types of authentication provided by ASP.NET. In web.config file you can set authentication mode value 'windows' or 'forms'. What's about difference and how to you use them? (Authentication have some other values to, this article does not consider them.).
How to use mode "Windows"?
Windows Authentication mode provides the developer the ability to authenticate a user based on Windows user accounts. This is the default authentication mode provider by ASP.NET. This will return the computer name along with the user name.
- <authentication mode="Windows">
- <forms name=" AuthenticationDemo" loginUrl="logon.aspx" protection="All" path="/"timeout="30" />
- </authentication>
How to use mode "Forms"?
Insert the <Forms> tag, and fill the appropriate attributes.
- <authentication mode="Forms">
- <forms name=" AuthenticationDemo" loginUrl="logon.aspx" protection="All" path="/"timeout="30" />
- </authentication>