Implementing security in a site has the following aspects:
Authentication : It is the process of ensuring the user's identity and authenticity. ASP.NET
allows four types of authentications:
Windows Authentication
Forms Authentication
Passport Authentication
Custom Authentication
Authorization : It is the process of defining and allotting specific roles to specific users.
Confidentiality : It involves encrypting the channel between the client browser and the web
server.
Integrity : It involves maintaining the integrity of data. For example, implementing digital
signature.
Forms-Based Authentication
Traditionally, forms-based authentication involves editing the web.config file and adding a login
page with appropriate authentication code.
The web.config file could be edited and the following codes written on it:
protected bool authenticate(String uname, String pass){
if(uname == "Tom")
{
if(pass == "tom123")
return true;
}
if(uname == "Dick")
{
if(pass == "dick123")
return true;
}
if(uname == "Harry")
{
if(pass == "har123")
No comments:
Post a Comment