Click here to Skip to main content
13,349,997 members (47,853 online)
Click here to Skip to main content
Add your own
alternative version

Stats

11.2K views
8 bookmarked
Posted 11 Oct 2013

Forms Authentication

, 2 Aug 2017
Rate this:
Please Sign up or sign in to vote.
Reference about Forms Authentication in ASP.NET

MSDN How To's

  • How To: Create GenericPrincipal Objects with Forms Authentication - This How To shows you how to create and handle GenericPrincipal and FormsIdentity objects when using Forms authentication.
  • How To: Protect Forms Authentication in ASP.NET 2.0 - This How To shows you how to securely configure and use forms authentication with ASP.NET 2.0 applications. Key factors to consider include properly securing the authentication ticket and securing the user identity store and access to that store. Failing to protect authentication tickets is a common vulnerability that can lead to unauthorized spoofing and impersonation, session hijacking, and elevation of privilege. Other common vulnerabilities include failing to secure the user store and failing to enforce strong passwords. This How To describes how to apply appropriate countermeasures such as using the defaults of SHA1 and AES for hashing and encryption, applying session lifetime restrictions, and protecting authentication tickets with SSL.
  • How To: Use Forms Authentication with Active Directory in ASP.NET 2.0 - This How To shows you how to use forms authentication with Microsoft® Active Directory® directory service by using the ActiveDirectoryMembershipProvider. The How To shows you how to configure the provider and create and authenticate users. It also shows you how to enforce the password complexity rules defined by your domain policy and how you can extend your Active Directory schema to store password questions and answers. This allows you to support password resets if users forget their passwords.
  • How To: Use Forms Authentication with Active Directory in Multiple Domains in ASP.NET 2.0 - This How To shows you how to use the ASP.NET 2.0 membership feature with multiple Active Directory domains. It shows you how to configure an ActiveDirectoryMembershipProvider for each domain and the corresponding connection strings. It also shows how to get an instance of MembershipProvider corresponding to a specific domain and how to call membership APIs, such as ValidateUser, through the relevant provider.
  • How To: Use Forms Authentication with SQL Server in ASP.NET 2.0 - This How To shows you how you can use forms authentication with the SQL Server membership provider. Forms authentication with SQL Server is most applicable in situations where users of your application are not part of your Windows domain, and as a result, they do not have Active Directory accounts. This How To explains how to create a login page using the new membership Login control, configure your Web application to use forms authentication, create the user store database, grant database access to your Web application account, configure ASP.NET membership settings, and set password complexity rules.

The Basics

CardSpace

Gotchas

 

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

ASP.NET Community
United States United States
This member doesn't quite have enough reputation to be able to display their biography and homepage.
Group type: Collaborative Group

764 members


You may also be interested in...

Comments and Discussions

 
-- There are no messages in this forum --
Permalink | Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.180111.1 | Last Updated 2 Aug 2017
Article Copyright 2013 by ASP.NET Community
Everything else Copyright © CodeProject, 1999-2018
Layout: fixed | fluid