Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles
(untagged)

Forms Authentication

0.00/5 (No votes)
2 Aug 2017 1  
Reference about Forms Authentication in ASP.NET

MSDN How To's

  • How To: Create GenericPrincipal Objects with Forms Authentication - This How To shows you how to create and handle GenericPrincipal and FormsIdentity objects when using Forms authentication.
  • How To: Protect Forms Authentication in ASP.NET 2.0 - This How To shows you how to securely configure and use forms authentication with ASP.NET 2.0 applications. Key factors to consider include properly securing the authentication ticket and securing the user identity store and access to that store. Failing to protect authentication tickets is a common vulnerability that can lead to unauthorized spoofing and impersonation, session hijacking, and elevation of privilege. Other common vulnerabilities include failing to secure the user store and failing to enforce strong passwords. This How To describes how to apply appropriate countermeasures such as using the defaults of SHA1 and AES for hashing and encryption, applying session lifetime restrictions, and protecting authentication tickets with SSL.
  • How To: Use Forms Authentication with Active Directory in ASP.NET 2.0 - This How To shows you how to use forms authentication with Microsoft® Active Directory® directory service by using the ActiveDirectoryMembershipProvider. The How To shows you how to configure the provider and create and authenticate users. It also shows you how to enforce the password complexity rules defined by your domain policy and how you can extend your Active Directory schema to store password questions and answers. This allows you to support password resets if users forget their passwords.
  • How To: Use Forms Authentication with Active Directory in Multiple Domains in ASP.NET 2.0 - This How To shows you how to use the ASP.NET 2.0 membership feature with multiple Active Directory domains. It shows you how to configure an ActiveDirectoryMembershipProvider for each domain and the corresponding connection strings. It also shows how to get an instance of MembershipProvider corresponding to a specific domain and how to call membership APIs, such as ValidateUser, through the relevant provider.
  • How To: Use Forms Authentication with SQL Server in ASP.NET 2.0 - This How To shows you how you can use forms authentication with the SQL Server membership provider. Forms authentication with SQL Server is most applicable in situations where users of your application are not part of your Windows domain, and as a result, they do not have Active Directory accounts. This How To explains how to create a login page using the new membership Login control, configure your Web application to use forms authentication, create the user store database, grant database access to your Web application account, configure ASP.NET membership settings, and set password complexity rules.

The Basics

CardSpace

Gotchas

 

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here