In the previous chapter, you learned about the basic structure of ASP.NET security. In this chapter, you will learn how you can authenticate your users using forms authentication. You should use this type of authentication whenever there is a reason for not using Windows-based accounts in your applications. We will discuss such reasons in this chapter, as well as in Chapter 22 when discussing Windows authentication itself.

Forms authentication is an all-purpose authentication system that's based around two concepts. First is a login page that can validate users (usually, by comparing a user name and password combination against a database or some other data store). Second is a mechanism for preserving and reestablishing ...