ExpertRating - Online Certification and Employment Testing ExpertRating - Online Certification and Employment Testing ExpertRating - Online Certification and Employment Testing

ExpertRating Home
ExpertRating Benefits
Recommend ExpertRating
Suggest More Tests
Privacy Policy
ASP Dot Net Tutorial - Index
ASP Dot Net Tutorial - Microsofts ASP.NET
ASP Dot Net Tutorial - Begining Web Forms
ASP Dot Net Tutorial - User Controls
ASP Dot Net Tutorial - ADO .NET
ASP Dot Net Tutorial - DataBinding to WebControls
ASP Dot Net Tutorial - DataList Controls
ASP Dot Net Tutorial - DataGrid Control
ASP Dot Net Tutorial - Advance Practical Examples on DataGrid
ASP Dot Net Tutorial - Working with DataSets
ASP Dot Net Tutorial - Working with XML
ASP Dot Net Tutorial - Forms Based Authentication
ASP Dot Net Tutorial - Windows Based Authentication

Online Personal Trainer Certification
Personal Trainer Certification (Spanish)
Six Sigma Certification
Find a Personal Trainer
Project Management Certification
Six Sigma Certification
Six Sigma Black Belt Certification
Master Black Belt Certification
Six Sigma Green Belt Certification
Life Coach Certification
Lean Management Certification
Lean Six Sigma Certification
First Aid Certification
CPR Certification
Yoga Certification
Aerobics Certification
Pilates Certification
Business Analyst Certification
SEO Certification
Online Business Writing Course & Certification
Makeup Artist Certification
Baby Sitting Course & Certification
Time Management Certification
Health Club Management Certification
Medical Coding Certification
Medical Billing Certification
Business Analysis Course
Master Trainer Certification
Total Quality Management Certification
Kaizen Certification
Creative Writing Certification
Event Management Certification
Test Search by Job Title
Administrative Assistant Certification
Virtual Assistant Certification
  All Online Courses


  Home > Courses, Tutorials & eBooks > ASP.NET Tutorial > Forms-Based Authentication

ASP.NET Tutorial - Forms-Based Authentication

                                                                                                            Page 1 of 3

Form authentication can be used for setting up custom user registration system for the website. The advantage of using this type of authentication is that, it enables to store username and passwords in whatever storage mechanism is desired. For example, storing username and password in the Web.Config file, an XML file, or a database table.

If a user requests a page without the proper Authentication Ticket, he or she can be automatically redirected to the login page. If the user enters a valid username and password combination, you can automati­cally redirect him or her back to the original page.

When using Forms authentication, an automatic user registration system can be easily set up. For example, a database table can be created that contains usernames and pass­words. In that case, adding a new registered user is as simple as adding a new username and password to the database table.

The .NET classes for Forms authentication are located in the System.Web. Security namespace. The following list contains the most important of these classes:


This class contains several shared methods for working with Forms authentication.


This class represents the authentication Ticket used in the cookie for Forms authentication.

Forms Identity

This class represents the identity of the user authenticated with Forms authentication.


This class is the actual module used for forms authentication.

Enabling Forms Authentication

To enable basic Forms authentication for an application, the follow three steps are to be followed:

  • Set the authentication mode for the application by modifying the authentication ­section in the application root Web.Config file.
  • Deny access to anonymous users in one or more directories in the application by modifying the authorization section in the Web.Config files in the appropriate directories.
  • Create a login page containing a form that enables users to enter their usernames and passwords.

The first step is to enable Forms authentication for an application. To do so, you must modify an application's root directory Web.Config file. If the Web.Config file doesn't exist, it can be created.

The Web.Config Example 61 Web.Config file contains the minimal amount of information necessary to enable Forms authentication for an application.

To run these examples put all the files in SimpleForm directory and in its subdirectory as mentioned in the name of the examples. Next, create a new vertual directory that points to the SimpleForm directory.

Example 61 SimpleForm/Web.Config



<authentication mode="Forms" />




In above example, the authentication mode is set to Forms. Creating this file enables Forms authentication for the entire application.

The next step is to password-protect individual directories. Users are required to log in to access any ASP.NET page at the Web site by modifying the root directory Web.Config file. Alternatively, Web.Config files can be added to particular directories to password­certain pages.

To password-protect a particular directory and its subdirectories, add the Web. Config file in Example 62to the directory.(Place this at SimpleForm\Secret subdirectory)

Example 62 SimpleForms/secret/Web.config




<deny users="?" />






Home  |  About Us  |  Privacy Policy  |  Site Map  |  FAQs  |  Contact Us
© ExpertRating 2015. All Rights Reserved.