Answer / prasath

There are 3 authentication levels in .net
1.Windows
2.Forms
3.Passport

Basic and Digest Come under IIS Authentication Levels.

Answer / anandkbs

Windows authentication and IIS

If you select windows authentication for your ASP.NET
application, you also have to configure authentication
within IIS. This is because IIS provides Windows
authentication. IIS gives you a choice for four different
authentication methods:

Anonymous, basic digest, and windows integrated

If you select anonymous authentication, IIS doesn't perform
any authentication, Any one is allowed to access the ASP.NET
application.

If you select basic authentication, users must provide a
windows username and password to connect. How ever this
information is sent over the network in clear text, which
makes basic authentication very much insecure over the internet.

If you select digest authentication, users must still
provide a windows user name and password to connect. However
the password is hashed before it is sent across the network.
Digest authentication requires that all users be running
Internet Explorer 5 or later and that windows accounts to
stored in active directory.

If you select windows integrated authentication, passwords
never cross the network. Users must still have a username
and password, but the application uses either the Kerberos
or challenge/response protocols authenticate the user.
Windows-integrated authentication requires that all users be
running internet explorer 3.01 or later Kerberos is a
network authentication protocol. It is designed to provide
strong authentication for client/server applications by
using secret-key cryptography. Kerberos is a solution to
network security problems. It provides the tools of
authentication and strong cryptography over the network to
help to secure information in systems across entire enterprise

Passport authentication

Passport authentication lets you to use Microsoft's passport
service to authenticate users of your application. If your
users have signed up with passport, and you configure the
authentication mode of the application to the passport
authentication, all authentication duties are offloaded to
the passport servers.

Passport uses an encrypted cookie mechanism to indicate
authenticated users. If users have already signed into
passport when they visit your site, they'll be considered
authenticated by ASP.NET. Otherwise they'll be redirected to
the passport servers to log in. When they are successfully
log in, they'll be redirected back to your site

To use passport authentication you have to download the
Passport Software Development Kit (SDK) and install it on
your server. The SDK can be found at
http://msdn.microdoft.com/library/default.asp?url=/downloads/list/websrvpass.aps.
It includes full details of implementing passport
authentication in your own applications.

Forms authentication

Forms authentication provides you with a way to handle
authentication using your own custom logic with in an
ASP.NET application. The following applies if you choose
forms authentication.

1. When a user requests a page for the application,
ASP.NET checks for the presence of a special session cookie.
If the cookie is present, ASP.NET assumes the user is
authenticated and processes the request.
2. If the cookie isn't present, ASP.NET redirects the
user to a web form you provide
3. You can carry out whatever authentication, checks you
like in your form. When the user is authenticated, you
indicate this to ASP.NET by setting a property, which
creates the special cookie to handle subsequent requests.

Answer / guest

Basic
Digest
Windows
Forms
Passport

How .Net has implemented security for web applications?

1 Answers  

---

Differentiate between file-based dependency and key-based dependency.

0 Answers  

---

What is versioning in .NET?

1 Answers   Syntax Softtech, Wipro,

---

What is the maximum number of classes that can be contained in one dll file?

0 Answers  

---

Explain what is an assembly?

0 Answers  

---

what is session . how it is use ?

3 Answers   TCS,

---

HI, I have a very important query in mind. Please help me regarding this. I don't have any real time exp in .net. But I have a knowledge it .net. I got an offer from an MNC company as a software developer has I had kept 2 years of fake exp. Even though for this job I had worked hard to crack interview for more then a year. So, I would like to know how difficult it will be for working in real time as I don't have real time exp. Please tell me as soon as possible bcoz I need to join by next month. Can i sustain over there for a longer time or not. And also let me know how to work pressure will be over there. Please help me regarding this. I'm getting tension thinking about it. Thank you.

1 Answers   CTS,

---

To wrap up a call to a Web service the standard used is..?

0 Answers   Siebel,

---

What is rich control in asp.net?

0 Answers  

---

What is the difference between asp.net and mvc?

0 Answers  

---

What is recordset asp?

0 Answers  

---

if u r projet consist of 4 people means how can u manage the file

10 Answers   Mind Tree,

---