what is the difference between windows authentication and form authentication?

Question

2.33/5 (2 votes)

See more:

ASP.NET

What is windows authentication and form authentication?pls explain me with practicaly in simple way?

Posted 22-Jul-11 6:04am

Jhansi Nadella

Add a Solution

4 solutions

Solution 3

Form authentication-It is use for both intranet as well as
for internet,but window authentication is only for
intranet.In form authentication password stored in config
file but in window it stored in system database.In form
authentication we can not have roles,but In form
authentication we can define roles(like hr role where any
no of user ccan come under).

Posted 22-Jul-11 10:35am

mhamad zarif

Comments

Philippe Mori 9-Feb-14 20:18pm

I think you swapped Windows and form authentification in one of the 2 last statements.

Solution 5

Windows Authentication :As you will be using the login & password used in a domain... If you use windows authentication, your webapp will (generally) have to be deployed in a network server and all your users should (generally) have a login created for them in the domain. Though cross domain operations are possible, primarily you wont be able to use it in non-domain based environment like public websites. It will be tough if you want to include some users who are outside your domain.

Forms Authentication : Here you are deciding to act independently. You will assign each user a separate userId and password and will manage them yourself. The overhead here is you should provide and restrict the ways users are created and removed. Here you are not restricted to any domain. For any user to gain access to your webapp should get registered with your webapp. This is similar to any mail sites you see on internet

Posted 9-Feb-14 8:56am

Swapnajit Nayak

Comments

CHill60 9-Feb-14 15:07pm

If you are going to provide solutions that are copied word for word from somewhere else, please credit the original author. Copied from http://stackoverflow.com/questions/3735168/whats-the-difference-windows-authentication-passport-authentication-and-form[^]
This question is over 2 years old and already answered

Philippe Mori 9-Feb-14 20:20pm

And by the way, also don't format it as C# code.

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Uday P.Singh · Accepted Answer · 2011-07-22T21:56:00

ASP.NET has ways to Authenticate a user:
1) Forms Authentication
2) Windows Authentication

Windows Authentication provider is the default authentication provider for ASP.NET applications. When a user using this authentication logs in to an application, the credentials are matched with the Windows domain through IIS.

There are 4 types of Windows Authentication methods:
1) Anonymous Authentication - IIS allows any user
2) Basic Authentication - A windows username and password has to be sent across the network (in plain text format, hence not very secure).
3) Digest Authentication - Same as Basic Authentication, but the credentials are encrypted. Works only on IE 5 or above
4) Integrated Windows Authentication - Relies on Kerberos technology, with strong credential encryption

Forms Authentication - This authentication relies on code written by a developer, where credentials are matched against a database. Credentials are entered on web forms, and are matched with the database table that contains the user information.

hope it helps :)

#realJSOP · Accepted Answer · 2011-07-22T06:11:00

Solution 1

Forms authentication is where the user is required to login with credentials just for the web site. Windows authentication is for when the web site will accept the user's Windows credentials for login purposes.

Posted 22-Jul-11 6:11am

#realJSOP

v2

Comments

ravikhoda 1-Apr-14 4:59am

i am using window authentication but still all browser asks for the login even if the user is connected to the network/domain on intranet website. can you tell me some setting to remove authentication pop up from the browser ?