IIS authentication and authorization

yanfangsheng123

　　Authentication: - prove genuineness
　　Authorization: - process of granting approval or permission on resources.
　　web.config
　　
　　unknown user.
　　
　　
　　
　　‘Admin.aspx’ pages.
　　
　　
　　
　　
　　
　　
　　
　　
　　---------------------
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　
　　Authentication: - prove genuineness
　　Authorization: - process of granting approval or permission on resources.
　　from：codeproject
　　-----------------------------
　　In order to do custom authentication you need to need to just replace “FormsAuthentication.Authenticate” statement with your validation. For instance in the below code we have used

　　‘clsUser’>　　Collapse | Copy Code
　　clsUser objUser = new clsUser();
　　if (objUser.IsValid(txtUser.Text,txtPass.Text))
　　{
　　FormsAuthentication.RedirectFromLoginPage(txtUser.Text, true);
　　}
　　-----Asp.net ASP.NET membership and roles
　　1、Run aspnet_regsql.exe from ‘C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727’ folder. Enter SQL Server credentials and run the exe. This will install all the necessary stored
　　procedures and tables as shown in figure ‘Object created by aspnet_regsql.exe’
　　2.Specify the connection string in the ‘web.config’ file where your ASP.NET roles tables and stored procedures are created.
　　
　　
　　

　　　　
　　3.Specify the ASP.NET membership provider and connect the same with the connection string provided in the previous step.
　　
　　
　　
　　
　　
　　
　　------------------
　　
　　
　　
　　
　　
　　4.We also need to specify the role provider and connect the same with the connection string provided in the previous session.
　　
　　
　　
　　
　　
　　
　　------------------------------
　　
　　
　　
　　
　　

　　5.Now you can user the "Membership">　　    Membership.CreateUser("aa01","sss"); //create a user in table dbo.aspnet_Users, (ApplictionId UserName LoweredUserName)
　　    user(0)="aa01";
　　Roles.CreateRole("Developer");
　　Roles.AddUsersToRole(user,"Developer");// Table aspnet_Users(UserName) , aspnet_User..(UserId,RoleId),aspnet_Roles(RoleName);
　　Forms Authentication using Single Sign on
　　Many time we would like to implement single sign on across multiple sites. This can be done using forms authentication. You can implement forms authentication in both the websites
　　with same machine key. Once the validation is done in one website a cookie text file will be created. When that user goes to the other website the same cookie file will used to ensure
　　that the user is proper or not.
　　Please note you need to have same machine key in both the web.config files of your web application.
　　Collapse | Copy Code
　　
　　You can see a very detail article on Single sign at http://msdn.microsoft.com/en-us/library/ms972971.aspx . You can also download the code from http://download.microsoft.com/
　　download/B/7/8/B78D1CED-2275-4AEE-B0BE-0DEA1A2A9581/MSDNEnterpriseSecurity.msi
　　The above discusses how a internal intranet and internet application login through one single sign-on facility.