Tuesday, 22 March 2011

How To Implement Forms-Based Authentication in Your ASP.NET Applicationby Using C#.NET

Authentication and authorization are important to our web application.

Configure the Security Settings in the Web.config File


This section demonstrates how to add and modify the <authentication> and <authorization> configuration sections to configure the ASP.NET application to use forms-based authentication.
  1. In Solution Explorer, open the Web.config file.
  2. Change the authentication mode to Forms.
  3. Insert the <Forms> tag, and fill the appropriate attributes. (For more information about these attributes, refer to the MSDN documentation or the QuickStart documentation that is listed in the REFERENCES section.) Copy the following code, and then click Paste as HTML on the Edit menu to paste the code in the <authentication> section of the file:


    <authentication mode="Forms">
    <forms name=".ASPXFORMSDEMO" loginUrl="logon.aspx"
    protection="All" path="/" timeout="30" >
    
    <credentials passwordFormat="Clear">
    <user name="ramp" password="password"/>
    </credentials>
    </forms>  
    
    </authentication>


  4. Deny access to the anonymous user in the <authorization> section as follows:


    <authorization>
    <deny users ="?" />
    <allow users = "*" />
    </authorization>



For more details refer this article

No comments:

Post a Comment