Basic authentication with custom membership

We just saw how to enable basic authentication with IIS. However, if the website is a publically available website, it is not possible to authenticate the user using Windows credentials. In such cases, the website should authenticate using the ASP.NET membership provider. In order to achieve this, we need to implement a custom membership with basic authentication.

Custom membership with basic authentication can be implemented using an HTTP module as given in the following:

public class BasicAuthHttpModule : IHttpModule
{
   //...
}

We need to create two methods and hook them to the AuthenticateRequest and EndRequest events in the Init method as given in the following code:

public void Init(HttpApplication context) ...

Get ASP.NET Web API Security Essentials now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

ASP.NET Web API Security Essentials by Rajesh Gunasundaram

Basic authentication with custom membership

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly