Kriya and Meditation for Software / IT Professionals. Conducted by Bipin Joshi in Thane. Read more...
Learn ASP.NET MVC, ASP.NET Core and ASP.NET Design Patterns. Courses conducted by Bipin Joshi on weekends. Click here for more details.

<%@ Page %>

Forms authentication in ASP.NET

Introduction

Many times we use some kind of custom authentication mechanism for our web sites. The most common way to authenticate visitors of your site is by accepting user id and password from then which are then validated against a database table. ASP.NET provides a very easy way to implement such mechanism via forms authentication. Forms based authentication is also referred to as cookie authentication because a cookie is used with each request that tells whether a user is authenticated or not. In case of windows authentication we automatically get windows role of the logged in user. You can also implement custom role based security in the Form based authentication. 

Steps involved in implementing forms authentication

  • Configure your web application to deny anonymous access
  • Modify web.config file to specify authentication mode as Forms
  • Create a aspx page that accepts user id and password and sets authentication cookie
  • Modify web.config to specify a page that will be acting as login page
  • Implement role based security (optional)

Sample application

The sample application provided for download shows you how to implement forms authentication. It also shows you how to implement role based security for forms authentication.


Bipin Joshi is a software consultant, an author and a yoga mentor having 22+ years of experience in software development. He also conducts online courses in ASP.NET MVC / Core and Design Patterns. He is a published author and has authored or co-authored books for Apress and Wrox press. Having embraced the Yoga way of life he also teaches Meditation and Mindfulness to interested individuals. To know more about him click here.

Get connected : Twitter  Facebook  Google+  LinkedIn

Posted On : 06 October 2001


Tags : ASP.NET Web Forms Security Configuration