Sunday, March 23, 2008

ASP.NET Authentication

About

Securing location of an asp.net website with password protection while allowing anonymous users to the rest of the site.
The application can then call FormsAuthentication.Authenticate, supplying the username and password, and ASP.NET will verify the credentials. Credentials can be stored in cleartext, or as SHA1 or MD5 hashes, according to the following values of the passwordFormat attribute:

Hash Type Description
Clear Passwords are stored in cleartext
SHA1 Passwords are stored as SHA1 digests
MD5 Passwords are stored as MD5 digests

Usage

<authentication>
  <credentials;passwordformat="SHA1">
    <user name="Mary" password="GASDFSA9823598ASDBAD">
      <user name="John" password="ZASDFADSFASD23483142">
  </credentials>
</authentication>


if (FormsAuthentication.Authenticate(this.Login1.UserName, this.Login1.Password))
    FormsAuthentication.RedirectFromLoginPage(this.Login1.UserName, false);
Web.config
<configuration>
  <system.web>
    <compilation batch="false" debug="true" defaultlanguage="c#">
      <authentication mode="Forms">
        <forms name="cornerstone" 
               defaulturl="admin/admin.aspx" 
               timeout="20" 
               protection="All" 
               loginurl="admin/login.aspx" 
               path="/">
          <credentials passwordformat="Clear">
            <user name="user1" password="password1">
              <user name="user2" password="password2">
        </credentials>
        </forms>
      </authentication>
      <authorization>
        <allow users="*">
    </authorization>
    </system.web>
  <location path="admin">
    <system.web>
      <authorization>
        <deny users="?">
      </authorization>
    </system.web>
  </location>
  <configuration>

No comments:

Azure Storage Account Types

Defferent Types of Blobs Block blobs store text and binary data. Block blobs are made up of blocks of data that can be managed individually...