Home > Programming > ASP.NET Programming



ASP.NET Forms Authentication Best Practices for Software Developers

Sort Desciption:

ASP.NET does an excellent job of providing out of the box support for multiple ..... In ASP.NET 2.0 the forms authentication cookie if created through the ...



Content Inside:

ASP.NET Forms Authentication Best Practices for Software Developers Page 1ASP.NET Forms Authentication Best Practices for Software Developers By Rudolph Araujo Foundstone Professional Services August 2005 Page 2www.foundstone.com 2005 Foundstone Inc. All Rights Reserved 1 BackgroundASP.NET does an excellent job of providing out of the box support for multiple forms of authentication using the classes in System.Web.Security namespace. In v1.1 of the framework there exists support for formsbased Microsoft Passport based and Integrated Windows (or NTLM) based authentication. These are intended to provide developers with easy access to an intuitive API which they can use to add authentications features to their own applications without having to reinvent it from scratch. As can be seen in listing 1 below the code to leverage for instance formsbased authentication is fairly short and easily understood. void btnLogin_Click(Object Source EventArgs e) { // Pull credentials from form fields and try to authenticate the user. if (FormsAuthentication.Authenticate(txtName. Text txtPassword.Text)) { // Redirect the client back to the originally requested resource and // create a new persistent cookie that identifies the user. FormsAuthentication.RedirectFromLoginPage( txtName.Text true); } } Listing 1 The Authenticate function above validates the credentials submitted by the end user against the user data store for instance the web.configs authentication section to determine if the user should be logged in or not. If the credentials are indeed valid the RedirectFromLoginPage function sets an authentication ticket in the form of a cookie1before redirecting the user to whatever page they were trying to login to. This mechanism supports storing the credentials either in the clear or hashed using MD5 or SHA1. Perhaps more often web applications might use their own custom data store such as an LDAP based directory or SQL / XML database. In this case code like the fragment below ...

Source: www.foundstone.com


add to Google Reader add to Google Bookmark add to bloglines add to newsgator add to FURL add to digg add to webnews add to Netscape add to Yahoo MyWeb add to spurl.net add to diigo Bookmark newsvine Bookmark del.icio.us Bookmark @ SIMPIFY Bookmark MISTER WONG Bookmark Linkarena Bookmark icio.de Bookmark oneview Bookmark folkd.com Bookmark yigg.de Bookmark reddit Bookmark StumbleUpon Bookmark Slashdot Bookmark blinklist Bookmark technorati add to blogmarks add to blinkbits add to ma.gnolia add to smarking.com add to netvouz add to co.mments add to Connotea add to de.lirio.us

 

Related Files

Beginning ASP.NET 2.0 ECommerce in C# 2005

Filed under: Programming and ASP.NET Programming
Beginning ASP.NET 2.0. ECommerce in C# 2005. From Novice to Professional. . Cristian Darie and Karli Watson. DarieWatson_4681Front.fm Page i ...

Building an ASP.NET Website

Filed under: Programming and ASP.NET Programming
In this book we are going to build a contentbased ASP.NET website. This website will consist of a. number of modules which will all fit together to ...

programming asp net third edition

Filed under: Programming and ASP.NET Programming
tions) in how your ASP.NET application interacts with underlying. data. The ADO. ... The data source controls included with the ASP.NET include: ...

ASP.NET Forms Authentication Best Practices for Software Developers

Filed under: Programming and ASP.NET Programming
ASP.NET does an excellent job of providing out of the box support for multiple ..... In ASP.NET 2.0 the forms authentication cookie if created through the ...

Moving to ASP.NET: Web Development with VB .NET

Filed under: Programming and ASP.NET Programming
ASP.NET. Chapter 10 discusses exactly how this differentiation is achieved .... aWeb Application is pretty central to ASP.NET and Web development in general ...