asp.net 2.0 (C #) (6)

Introduced

ASP.net 2.0 now provides built-in support for membership (username/password credential storage) and role management services. Because all of these services are provider-driven (Provider), you can easily replace them with your own customizations.

The essential

1. windows-based Authentication Sets the <authentication> under <system.web> element to Windows; Forms based authentication will <system.web> elements under <authentication> set to Forms.

2, based on forms of authentication, set <system.web> elements under the <authentication> element <forms> child elements, such as the following, only for the description

<authentication mode= "Forms" >
<forms name= ". Vs2005_form "loginurl=" ~/security/login.aspx "defaulturl=" ~/default.aspx "protection=" "All" timeout= "path="
/"requiressl=" false "
slidingexpiration=" true "enablecrossappredirects=" false "
cookieless=" usedeviceprof Ile ">
</forms>
</authentication>　　　　

The properties of the <forms> element are described below

1) cookieless-authentication can store the forms authentication ticket in a cookie or it can be stored on a URL in a form that has no cookie. Valid values are as follows:

· UseDeviceProfile-The default value means that asp.net determines where the ticket is stored based on a predefined browser profile.

· AutoDetect-option lets asp.net dynamically determine whether the browser supports cookies.

· UseUri-Enforce no Cookie ticket

· UseCookies-Enforces a Cookie ticket.

2) Defaulturl-Specifies the default URL to which the request will be redirected after a successful login.

3 domain-Specifies the value of the HttpCookie domain property that contains the Forms authentication ticket. Setting this property explicitly enables the application to share the same Cookie, provided that the application shares a common part of a DNS namespace (for example, if the domain property is set to "cnblogs.com", webabcd.cnblogs.com and Dudu.cnblogs.com can share a Cookie).