Introduction
When you begin a program for a customer using asp.net ,you should consider about security.In web.config file you can set authentication mode value 'windows' or 'forms'.What's about difference and how you use then?(Authentication have other value.this artical not consider them.)
How to use mode windows
When you select this mode ,you can make all client access your project.Code like this(this case you can't get value using 'User.Identity.Name'):
<authentication mode="Windows" />
<authorization>
<allow users="*" />
</authorization>
other You can make make a special client to access you project with windows authentication.Code like this(this case you can get value using 'Use.Identity.Name',then you can use it to do other work you like.):
<authorization>
<deny users="?" />
</authorization>
How to use mode Forms
If you select 'Forms' mode.First you should specify a page and make sure all client can found it.Code like this:
<authentication mode="Forms">
<forms name="Authentication" loginUrl="LoginForForms.aspx" />
</authentication>
<location path="LoginForForms.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
Second in that page you to validate the use's Id and Password.Code like this:
if(UserIsLogin())
{
try
{
FormsAuthentication.RedirectFromLoginPage("2", false);
}
catch (Exception ex)
{
Response.Redirect("defaultForForms.aspx");
}
}
Finally
This knowlege is simple for everybody.But i know this It's two years from i using C# and asp.net.So i write this article ,because i sure have many programer do know so many about it.This article must have lots of mistakes that I don't wake up to.So I welcome you tell me.
