Authentication and Authorization in ASP.NET: ASP Alliance

Print Add To Favorites Email To Friend Rate This Article
Authentication and Authorization in ASP.NET

page 4 of 6

by Joydip Kanjilal
Feedback

Average Rating:

Views (Total / Last 10 Days): 50636/ 72

Article Contents:

How Authentication and Authorization Works

The following section lists the sequence of events that take place in the authentication and authorization process when a new request arrives.

The IIS first checks the validity of the incoming request. If the authentication mode is anonymous (default) then the request is authenticated automatically. But if this authentication mode is overridden in the web.config file settings, the IIS performs the specified authentication check first before the request is passed on to ASP.NET.

Now ASP.NET checks whether Impersonation is enabled or not. If impersonation is enabled, ASP.NET executes with the identity of the entity on behalf of which it is performing executing the task. If impersonation is not enabled, the application runs with the identity of the IIS local machine’s identity and the privileges of the ASP.NET user account. ASPNET or NETWORK SERVICE is the default ASP.NET unprivileged account on Windows XP and Windows Server 2003, respectively. Now, the identity that has already been authenticated and verified is used to request resources from the operating system. Then ASP.NET performs an authorization check on the requested resources and if the user is authorized, it returns the request through IIS.

« (Page 3)

View Entire Article

(Page 5) »

User Comments

Title: Clear idea about Authentication and Authorization
Name: Nandhini.S
Date: 2006-11-17 4:43:50 AM
Comment:
This article gives me a clear idea about authentication and authorization. It will be very useful for the Beginners.
Thanks a lot

Title: Authentiaction and Authorization in ASP.NET
Name: By Vishal Bhosale
Date: 2006-11-15 3:08:25 PM
Comment:
This is very good and easy description and explaination and this would be very useful to asp.net programmers

Title: Authentication and Authorization in ASP.NET
Name: Sameer Kothari
Date: 2006-11-15 4:01:18 AM
Comment:
It realy good artical.its helpful to me to develoerd the this

Title: very simple explanation of Authenication
Name: Vijay
Date: 2006-11-10 2:05:58 AM
Comment:
I appreciate the author for simple and clear explnation of authnication and authorization

Title: Authentication and Authorization in ASP.NET
Name: R.Prakash
Date: 2006-11-08 1:26:19 AM
Comment:
Really very nice
Regards
R.Prakash

Title: Authentication and Authorization in ASP.NET
Name: Mahindra
Date: 2006-09-28 2:51:19 AM
Comment:
Its a Very Useful article.....hope everyone who reads this cud get benefit from this......

Title: very good
Name: bhawani shanker
Date: 2006-09-26 8:06:14 AM
Comment:
i think it's a better article for understanding Authentication and Authorization

Title: Good Job
Name: Noman Shaukat
Date: 2006-09-24 11:01:31 AM
Comment:
Great Article ..... Good job man

Title: Very good and simple explanation of the topic
Name: Vikram
Date: 2006-09-23 4:02:43 AM
Comment:
Yes this is very good an simple explanation of the security in asp.net
vikram
http://www.vikramlakhotia.com/HomePage.aspx

Title: Authentication and Authorization in ASP.NET
Name: selvaraj
Date: 2006-07-17 8:30:23 AM
Comment:
i thing this is quit enough for beginner aslo.

Title: Authentication
Name: Samy
Date: 2006-07-05 4:29:53 AM
Comment:
it's an excellent article...very good way of explaning

Title: Authentication and Authorization in ASP.NET
Name: By Joydip Kanjilal
Date: 2006-06-23 8:18:25 AM
Comment:
I truly appreciate Mr. Kanjilal taking the time to explain these concepts in such a simplified manner. Security is still quite an important topic, and will continue to be in my opinion, so I think his words have tremendous value.
Thank you Mr. Kanjilal!
Sincerely,
Vilmarie Barbosa

Product Spotlight