Sunday, January 18, 2009

Authentication, Authorization in ASP.Net 2.0

Authentication and authorization is essential for the purpose of security in any software. Web projects require the technology of authentication and authorization to prevent the systems from the outside attacks. You can never keep your documents safe unless there is technology for protecting your documents from the hackers and malicious programs. Authentication is required for checking the identity of the person who wants to get the access inside your network and authorization is needed to give the permission for accessing particular resource.

Let us discuss the topic in detail:

1. Whenever user logs on to the computer system using the password there is need of authentication and authorization for allowing the user to use the system of the workplace. ASP.net provides the facility to authenticate the user and then provide the authorization for accessing the resources. There are three types of authentication which are used in Asp.net. Form authentication, window authentication and passport authentication.

2. Authorization is performed by the IIS which is used in ASP.net. If the user is not authenticated then IIS configuration setting does not allow the entrance of user to access the resources. Authentication is done using the tickets. Cookies are stored and used by the authentication system for checking the user authentication and providing permission for accessing the resources.

3. You can use the built in ASP.net facility for authentication and authorization. You can customize the Asp.net facilities for making it suitable according to your usage. Password and login id can be changed for making easy processing. Password of the user can be checked and new password can be issued for new user. You can add the new user in the existing system. There are many new features in the updated version.
Authentication is performed using the IIS feature in ASP.net with the help of the tracking of the cookie. Cookies play an important role in authenticating the user.

4. Authorization is performed perfectly by the ASP.net improved functionality. You can add many users and database tables must be updated. Authentication in ASP.net uses the database tables for authentication and users are checked for the existence.

5. Cookies are used for the authentication but some browsers do not support the functionality. So tickets are attached for authenticating the users. Secure socket layer is also applicable and provides security to the online users. Time out is also used for detaching the user from the server and again the password and login id comes in to play.

Read More...

No comments: