Home > Others

IIS Authentication Knowledge Excerpt

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

IIS Authentication

ASP. NET authentication is divided into two steps. First, Internet Information Services (IIS) authenticates the user and creates a Windows token to represent the user. IIS determines which authentication mode should be used for a particular application by viewing the IIS metabase settings. If IIS is configured to use Anonymous authentication, a token is generated for the IUSR_MACHINE account and used to represent the anonymous user. IIS then passes the token to ASP.

Second, ASP. NET performs its own authentication. The authentication method used is specified by the Mode property of the authentication element. The following authentication configuration specifies that ASP. NET uses the FormsAuthenticationModule class:

<authentication mode= "Forms"/>

Note Because forms authentication is not dependent on IIS authentication, if you want to use Forms authentication in an ASP. NET application, you should configure anonymous access for your application in IIS.

Forms validation

ASP. NET Forms authentication occurs after IIS authentication is complete. You can use the forms element to configure forms authentication.

Create an authentication Cookie

Create an authentication Cookie from the FormsAuthentication class, as shown below. After the user has been authenticated, the FormsAuthentication class creates an FormsAuthenticationTicket object internally by specifying the cookie name, cookie version, directory path, cookie issuance date, and cookie Expiration date, whether the Cookie should be retained, and user-defined data (optional).

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket (1,
"UserName",
DateTime.Now,
DateTime.Now.AddMinutes (+),//value of Time out property
False,//Value of Ispersistent property
String.Empty,
Formsauthentication.formscookiepath);

Next, if the protection property of the forms element is set to all or encryption, forms authentication uses the Encrypt method to encrypt and sign the Forms authentication ticket.

String encryptedticket = Formsauthentication.encrypt (ticket);

Reference

Http://www.cnblogs.com/winnerzone/archive/2007/06/29/800225.html

IIS Authentication Knowledge Excerpt

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More