Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Microsoft Related >> ASP.NET
  2. Suggest New Category

Explain authentication levels in .net ?

Question Posted / anandkbs

Answer Posted / anandkbs

Windows authentication and IIS

If you select windows authentication for your ASP.NET
application, you also have to configure authentication
within IIS. This is because IIS provides Windows
authentication. IIS gives you a choice for four different
authentication methods:

Anonymous, basic digest, and windows integrated

If you select anonymous authentication, IIS doesn't perform
any authentication, Any one is allowed to access the ASP.NET
application.

If you select basic authentication, users must provide a
windows username and password to connect. How ever this
information is sent over the network in clear text, which
makes basic authentication very much insecure over the internet.

If you select digest authentication, users must still
provide a windows user name and password to connect. However
the password is hashed before it is sent across the network.
Digest authentication requires that all users be running
Internet Explorer 5 or later and that windows accounts to
stored in active directory.

If you select windows integrated authentication, passwords
never cross the network. Users must still have a username
and password, but the application uses either the Kerberos
or challenge/response protocols authenticate the user.
Windows-integrated authentication requires that all users be
running internet explorer 3.01 or later Kerberos is a
network authentication protocol. It is designed to provide
strong authentication for client/server applications by
using secret-key cryptography. Kerberos is a solution to
network security problems. It provides the tools of
authentication and strong cryptography over the network to
help to secure information in systems across entire enterprise

Passport authentication

Passport authentication lets you to use Microsoft's passport
service to authenticate users of your application. If your
users have signed up with passport, and you configure the
authentication mode of the application to the passport
authentication, all authentication duties are offloaded to
the passport servers.

Passport uses an encrypted cookie mechanism to indicate
authenticated users. If users have already signed into
passport when they visit your site, they'll be considered
authenticated by ASP.NET. Otherwise they'll be redirected to
the passport servers to log in. When they are successfully
log in, they'll be redirected back to your site

To use passport authentication you have to download the
Passport Software Development Kit (SDK) and install it on
your server. The SDK can be found at
http://msdn.microdoft.com/library/default.asp?url=/downloads/list/websrvpass.aps.
It includes full details of implementing passport
authentication in your own applications.

Forms authentication

Forms authentication provides you with a way to handle
authentication using your own custom logic with in an
ASP.NET application. The following applies if you choose
forms authentication.

1. When a user requests a page for the application,
ASP.NET checks for the presence of a special session cookie.
If the cookie is present, ASP.NET assumes the user is
authenticated and processes the request.
2. If the cookie isn't present, ASP.NET redirects the
user to a web form you provide
3. You can carry out whatever authentication, checks you
like in your form. When the user is authenticated, you
indicate this to ASP.NET by setting a property, which
creates the special cookie to handle subsequent requests.

Is This Answer Correct ?    8 Yes 0 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

Explain the concept of View Model in MVC?

1024

What is the concepts of globalization and localization in .net?

963

Can you edit data in the Repeater control? Which template must you provide, in order to display data in a Repeater control? How can you provide an alternating color scheme in a Repeater control? What property must you set, and what method must you call in your code, in order to bind the data from some data source to the Repeater control?

1047

Explain client side state management system.

994

What is work flow gen? how can it will work with .Net?

3048

What kind of data we can store in viewstate?

1056

Explain the features that make asp.net more used framework? : asp.net mvc

944

What is the default authentication mode for asp.net?

1119

What is cross page posting? How is it done?

966

What is manifest in .net framework?

1022

What is inheritance and an how it be used, example with an example?

1069

If you want to write your own dot net language, what steps you will you take care?

1085

What is the difference between a candidate key and primary key?

1028

How to create a db connection at one place/page so that we can use that connection for all pages/forms/windows.what r the steps ned to be performed if question not clear,let me know

1103

What is owin authentication?

974