Windows Authentication in ASP.NET

Home	About Us	ASP.NET Online Courses	Yoga Articles	Contact Us

Online Courses
ASP.NET Core
Design Patterns
Meditation

Online Courses

ASP.NET Core

Design Patterns

Meditation

Categories
ASP.NET
ASP.NET MVC
ASP.NET Core
jQuery
HTML5
Web Services
Data Access
.Net Framework
Windows Forms
Book Reviews
Projects
Miscellaneous
Thoughts & Musings
Videos
Search Articles

Categories

ASP.NET

ASP.NET MVC

ASP.NET Core

jQuery

HTML5

Web Services

Data Access

.Net Framework

Windows Forms

Book Reviews

Projects

Miscellaneous

Thoughts & Musings

Videos

Search Articles

Article Updates
RSS Feed

Article Updates

RSS Feed

Introduction

Security is an important consideration in your web applications. Securing a web application consists of two steps :

Authenticating the user accessing the page
Authorizing the user to access the page

Authentication is a process of determining whether a user is the one who he claims to be. Typically this will be determined with the help of user id and password.

Authorization is a process in which you decide whether an authenticated user is allowed to access certain page or resource. For example, operators may not be allowed to view certain confidential financial information that managers can view.

ASP.NET offers various ways to authenticate and authorize users of your web site. They are :

Windows authentication
Forms authentication (cookie authentication)
Passport authentication

In this code sample (which is Part - I of the three part series) we will see how to implement windows authentication.

Windows Authentication

Windows authentication scheme uses traditional mechanisms of Basic, NTLM/Kerberose and Digest authentication. Here IIS uses the credentials of logged in user are used to authenticate web requests. In case integrated windows authentication is turned off a typical gray colored dialog pops up asking for user id and password.

Steps involved in implementing windows authentication and authorization

Create a ASP.NET web application
Modify web.config to set authentication mode to windows
Modify web.config to deny access to anonymous users
Authorize users based on their NT user groups (roles)

The sample application available for download shows you how to implement this scheme in ASP.NET web applications.

<% displaydownloadlink "Download Sample Application","winauth.zip" %>

Bipin Joshi is an independent software consultant and trainer by profession specializing in Microsoft web development technologies. Having embraced the Yoga way of life he is also a yoga mentor, meditation teacher, and spiritual guide to his students. He is a prolific author and writes regularly about software development and yoga on his websites. He is programming, meditating, writing, and teaching for over 27 years. To know more about his private online courses on ASP.NET and meditation go here and here.

Posted On : 24 September 2001

Associated Links
Download Source Code

Tags : ASP.NET Web Forms Security Configuration

Popular from this category
Passing Values between ASP.NET Web Forms
Creating DataGrid Templated Columns Dynamically - Part I
Creating Dialog Boxes using ASP.NET, JavaScript and IE
Creating DataGrid Programmatically
Quickly Adding A New Row In DataGrid
Using Radio Buttons To Select DataGrid Row
Confirming Deletes in ASP.NET DataGrid
Downloadable DataGrid samples for beginners
Creating Master-Detail Listings using ASP.NET controls
Displaying Two DataTables In One DatGrid