Answer / prasath

There are 3 authentication levels in .net
1.Windows
2.Forms
3.Passport

Basic and Digest Come under IIS Authentication Levels.

Answer / anandkbs

Windows authentication and IIS

If you select windows authentication for your ASP.NET
application, you also have to configure authentication
within IIS. This is because IIS provides Windows
authentication. IIS gives you a choice for four different
authentication methods:

Anonymous, basic digest, and windows integrated

If you select anonymous authentication, IIS doesn't perform
any authentication, Any one is allowed to access the ASP.NET
application.

If you select basic authentication, users must provide a
windows username and password to connect. How ever this
information is sent over the network in clear text, which
makes basic authentication very much insecure over the internet.

If you select digest authentication, users must still
provide a windows user name and password to connect. However
the password is hashed before it is sent across the network.
Digest authentication requires that all users be running
Internet Explorer 5 or later and that windows accounts to
stored in active directory.

If you select windows integrated authentication, passwords
never cross the network. Users must still have a username
and password, but the application uses either the Kerberos
or challenge/response protocols authenticate the user.
Windows-integrated authentication requires that all users be
running internet explorer 3.01 or later Kerberos is a
network authentication protocol. It is designed to provide
strong authentication for client/server applications by
using secret-key cryptography. Kerberos is a solution to
network security problems. It provides the tools of
authentication and strong cryptography over the network to
help to secure information in systems across entire enterprise

Passport authentication

Passport authentication lets you to use Microsoft's passport
service to authenticate users of your application. If your
users have signed up with passport, and you configure the
authentication mode of the application to the passport
authentication, all authentication duties are offloaded to
the passport servers.

Passport uses an encrypted cookie mechanism to indicate
authenticated users. If users have already signed into
passport when they visit your site, they'll be considered
authenticated by ASP.NET. Otherwise they'll be redirected to
the passport servers to log in. When they are successfully
log in, they'll be redirected back to your site

To use passport authentication you have to download the
Passport Software Development Kit (SDK) and install it on
your server. The SDK can be found at
http://msdn.microdoft.com/library/default.asp?url=/downloads/list/websrvpass.aps.
It includes full details of implementing passport
authentication in your own applications.

Forms authentication

Forms authentication provides you with a way to handle
authentication using your own custom logic with in an
ASP.NET application. The following applies if you choose
forms authentication.

1. When a user requests a page for the application,
ASP.NET checks for the presence of a special session cookie.
If the cookie is present, ASP.NET assumes the user is
authenticated and processes the request.
2. If the cookie isn't present, ASP.NET redirects the
user to a web form you provide
3. You can carry out whatever authentication, checks you
like in your form. When the user is authenticated, you
indicate this to ASP.NET by setting a property, which
creates the special cookie to handle subsequent requests.

Answer / guest

Basic
Digest
Windows
Forms
Passport

Will session work if cookies is disabled?

0 Answers  

---

Define managed code and managed data in .net?

0 Answers  

---

how can u create the forms authentication?and what is the difference between forms authentication and windows authentication?

2 Answers   IBM,

---

What is the difference between stored procedure vs function?

0 Answers  

---

how to retrieve property settings from xml .config file.

0 Answers  

---

Describe and In Process Vs Out of Process component. Which is faster?

2 Answers   Syntax Softtech,

---

How do I use response redirect?

0 Answers  

---

what is loosely coupled solution? How it can be used?

0 Answers   Siebel,

---

What is a Metadata?

3 Answers  

---

Explain how is a property designated as read-only?

0 Answers  

---

when i want to use asp.net configuration for creat users and roles i recived this message: There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store. The following message may help in diagnosing the problem: Unable to connect to SQL Server database. when i clicked the choose data source button that give me another message that is this: Use this page to configure how Web site management data such as membership is stored. You can use a single provider for all the management data for your site or you can specify a different provider for each feature. Your application is currently configured to use the provider: AspNetSqlProvider Select a single provider for all site management data Select a different provider for each feature (advanced) ------------------------- and this message was reapeted in other choose again. please help me if u know why i gave that message so i wont can creat my users and roles

0 Answers  

---

What is role manager work in web.config? how to restrict perticular pages from the users using the role manager?

1 Answers   Patni,

---