Friday, April 8, 2011

.NET/ASP.NET Interview Question -What are Authentication, Authorization and it's different types?


Who the user is? or Authentication is process of Identifying the user is valid or not from the database.

Authorization: To Identify what kind of authority or rights does user has.

Different Types:
In ASP.NET there are three way to do Authentication and Authorization.
1)Windows Authentication:

In this methadology ASP.NET web pages will use local windows users and groups to authenticate and authorize resources.

2)Forms Authentication: This is a cookie based authentication where user name and password stored on client machine as cookie files or they are sent to URL for every request. Form-based authentication presents the users with an HTML-based web page that prompts the user for credentials.In case browser doesnot support cookies then username and password passed via URL string for every request.

3)Passport Authentication: Passport authentication is based on passport website provided by the microsoft.So when user logins with credentials it will be reached to the passport website(i.e.
hotmail,devhood,windows live etc) where authentication will happen.If authentication is successful it will return a token to your website.
Following is the video for Authentication and Authorization


Please click here to see more .NET/ASP. NET interview questions

No comments: