|
Forms authentication.- Using form authentication, ones own custom logic can be used for authentication.
- ASP.NET checks for the presence of a special session cookie when a user requests a page for the application. Authentication is assumed if the cookie is present else the user is redirected to a web form.
- Forms authentication lets you authenticate users by using your own code and then maintain an authentication token in a cookie or in the page URL.
- Forms authentication participates in the ASP.NET page life cycle through the FormsAuthenticationModule class.
- Forms authentication information and capabilities can be accessed through the FormsAuthentication class.
- To use forms authentication, create a login page that collects credentials from the user and that includes code to authenticate the credentials.
- Typically you configure the application to redirect requests to the login page when users try to access a protected resource, such as a page that requires authentication.
- If the user's credentials are valid, call methods of the FormsAuthentication class to redirect the request back to the originally requested resource with an appropriate authentication ticket (cookie).
- If redirection is not required, just get the forms authentication cookie or set it.
- On subsequent requests, the user's browser passes the authentication cookie with the request, which then bypasses the login page.
|
