O'Reilly logo

Expert C# 2008 Business Objects by Rockford Lhotka

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 12. Authentication and Authorization

Most applications have some form of authorization, where they allow or disallow a user access to certain forms, pages, or application functions. Before any authorization can occur, the application must know the identity of the user, so most applications also use some type of authentication.

There are several types of authentication available to a .NET application, including the following:

  • Integrated Windows domain or Active Directory

  • ASP.NET membership provider

  • Custom database tables or LDAP server

In every case, the user's identity and roles are maintained in a .NET principal object, which is available to all code in your application. The support for authorization provided by .NET is role-based. The current ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required