Posts

Showing posts from July, 2007

ASP.NET security

ASP.NET security is easy to understand once one has completed the basics in ASP.NET. All the security features can be handled in the Web.Config file. There are three types of authentication:-1) Forms : For enabling forms based authentication, you need to first go to the IIS virtual directory folder of your web applicatio0n and check the Anonymous Access. Once this is done set the authentication mode to Forms in the following manner in the web.config &ltauthentication mode="forms"&gt (Note:One crucial thing that needs to be mentioned here is that the web.config file data is case sensitive.)Then the child node needs to added to this in the following manner- &ltforms loginUrl="" path="" timeout="" protection=""&gt The loginUrl tells the Web application the location where the user needs to be redirected to in case he/she is not authenticated. Lets consider an example in this case. We have a user x trying to access a page lo