January 2018 : Instructor-led Online Course in ASP.NET Core 2.0. Conducted by Bipin Joshi. Read more...
Registration for January 2018 batch of ASP.NET Core 2.0 instructor-led online course has already started. Conducted by Bipin Joshi. Register today ! Click here for more details.

<%@ Page %>

Forms authentication in ASP.NET

Introduction

Many times we use some kind of custom authentication mechanism for our web sites. The most common way to authenticate visitors of your site is by accepting user id and password from then which are then validated against a database table. ASP.NET provides a very easy way to implement such mechanism via forms authentication. Forms based authentication is also referred to as cookie authentication because a cookie is used with each request that tells whether a user is authenticated or not. In case of windows authentication we automatically get windows role of the logged in user. You can also implement custom role based security in the Form based authentication. 

Steps involved in implementing forms authentication

  • Configure your web application to deny anonymous access
  • Modify web.config file to specify authentication mode as Forms
  • Create a aspx page that accepts user id and password and sets authentication cookie
  • Modify web.config to specify a page that will be acting as login page
  • Implement role based security (optional)

Sample application

The sample application provided for download shows you how to implement forms authentication. It also shows you how to implement role based security for forms authentication.


Bipin Joshi is a software consultant, an author and a yoga mentor having 22+ years of experience in software development. He also conducts online courses in ASP.NET MVC / Core and Design Patterns. He is a published author and has authored or co-authored books for Apress and Wrox press. Having embraced the Yoga way of life he also teaches Meditation and Mindfulness to interested individuals. To know more about him click here.

Get connected : Twitter  Facebook  Google+  LinkedIn

Posted On : 06 October 2001


Tags : ASP.NET Web Forms Security Configuration