Best Windows Hosting

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Monday, 23 April 2012

How the ASP.NET authentication process works?

Posted on 17:49 by Unknown
ASP.NET does not run by itself, it runs inside the process of IIS. Therefore, there are two authentication layers, which exist in ASP.NET system. First authentication happens at the IIS level and then at the ASP.NET level depending on the WEB.CONFIG file.

Below is how the whole process of authentication in ASP.NET works?

1. IIS first checks to make sure the incoming request comes from an IP address that is allowed access to the domain. If not it denies the request.

2. Next IIS performs its own user authentication if it is configured to do so. By default IIS allows anonymous access, so requests are automatically authenticated, but you can change this default on a per – application basis with in IIS.

3. If the request is passed to ASP.NET with an authenticated user, ASP.NET checks to see whether impersonation is enabled. If impersonation is enabled, ASP.NET acts as though it were the authenticated user. If not ASP.NET acts with its own configured account.

*Impersonation:  Impersonation is when ASP.NET executes code in the context of an authenticated and authorized client. By default, ASP.NET does not use impersonation and instead executes all code using the same user account as the ASP.NET process, which is typically the ASPNET account.

4. Finally, the identity from step 3 is used to request resources from the operating system. If ASP.NET authentication can obtain all the necessary resources, it grants the users request otherwise it is denied. Resources can include much more than just the ASP.NET page itself you can also use .NET’s code access security features to extend this authorization step to disk files, Registry keys and other resources.
Email ThisBlogThis!Share to XShare to Facebook
Posted in DOTNET | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Online Marketing Degrees
    Because global competition has become so intense, it should come as no surprise that companies invest heavily in their marketing and promoti...
  • Protecting E-mail Addresses on Webpages: Beware of using mailto protocol
    Placing an e-mail address on a Web page is a dangerous prospect nowadays. If the document on which the address appears generates even a medi...
  • Silver Bullets for Testing
    Know Our Application Don’t start testing without understanding the requirements. If we test without knowledge of the requirements, we will n...
  • Preloading Images: A trick to overcome delays in image-rich webpages loading
    One of the things that can really slow down the display of Web pages is an abundance of images, each one of which can contain the equivalent...
  • Unix Commands which should be on tips of each developer
    General Commands: 1. date: shows date and time 2. history: lists the previously executed commands 3. man ls: shows online documentation by...
  • Online Music Degrees
    For those who want to pursue a music degree but find it difficult to do so because of time constraints, financial difficulties or physical l...
  • Client Side State Management in ASP.NET
    State Management in done on client side as well as on server side in ASP.NET. In this article, we will just focus on clinet side state manag...
  • Frameset, Frame and IFrame Elements in HTML
    Frame Element With frames, you can display more than one HTML document in the same browser window. Each HTML document is called a frame, and...
  • 5 E-mail Etiquette You Must Know
    From memos and letters to answering machines, voice mail and now email, the last one is here to stay. Studies show that nearly two million e...
  • Cautions while dropping a tablespace
    DROP TABLESPACE drops the tablespace from database. But, there are few things which you should take care while firing this statement. 1. DRO...

Categories

  • AJAX
  • C++
  • CSS
  • Delphi
  • DOTNET
  • HTML
  • Javascript
  • jQuery
  • Management
  • Online Degrees
  • Oracle
  • Others
  • Phonegap
  • PHP
  • Unix
  • XML

Blog Archive

  • ▼  2012 (155)
    • ►  September (64)
    • ►  August (11)
    • ►  July (4)
    • ►  June (3)
    • ►  May (25)
    • ▼  April (48)
      • DOM Events: Mouse Events, Keyboard Events, Form Ev...
      • What is DOM (Document Object Model): Tree and Node...
      • DocType: Strict, Transitional and Frameset
      • How the ASP.NET authentication process works?
      • Response.Redirect vs Server.Transfer: What to use ...
      • GET vs POST: Which one is better? A 10 point compa...
      • HTTP vs HTTPS: Similarities and Differences
      • How IIS processes ASP.NET request?
      • AutoEventWireup in ASP.NET: Why my ASP.NET events ...
      • Web Farms in ASP.NET: Advantages and Issues
      • Cautions while dropping a tablespace
      • 12 Point Comparision between FTP and HTTP Protocol...
      • Dataset, Dataview, Datatable and common operations...
      • Client Side State Management in ASP.NET
      • Difference between page_init, page_load and page_p...
      • Database FLASHBACK mode: Overview
      • Database ARCHIVELOG mode: Overview
      • Hash Collision Attacks in .NET
      • ADO.NET: A quick revision
      • What is SQL Injection?
      • What is ASP.NET AJAX?
      • What is DLL HELL?
      • DIV vs TABLE tag: Which one to use?
      • Exception Handling in ASP.NET
      • Business Intelligence (BI): Data Warehouse, Data M...
      • UDDI: Universal Description, Discovery and Integra...
      • Web Services: Exposing and Consuming
      • Web Service Description Language
      • Simple Object Access Protocol
      • Caching in ASP.NET
      • Partial Classes in ASP.NET
      • Difference between DLL and EXE Files
      • What is an ASP.NET User Control?
      • Page Directive in ASP.NET
      • DOTNET Framework: CLR, CTS and CLS
      • What is Tethering and Hotspot?
      • Preventing Caching in AJAX URLs
      • What is web.config file? What is the significance ...
      • HTML vs XHTML vs DHTML
      • AJAX - A quick revision
      • Web Server vs Application Server vs Database Server
      • Difference Between ASP.NET Server Controls and HTM...
      • web.config vs app.config vs machine.config
      • Assemblies in .NET Framework
      • Silver Bullets for Testing
      • Unix Commands which should be on tips of each deve...
      • Basics of IBM Websphere MQ (Part 1)
      • What is Garbage Collector? How and when does it run?
Powered by Blogger.

About Me

Unknown
View my complete profile