Configures the ASP.NET authentication scheme that is used to identify users who view an ASP.NET application.
<authentication mode="[Windows|Forms|Passport|None]" > <forms>...</forms> <passport/> </authentication>
The following sections describe attributes, child elements, and parent elements.
Attribute
Description
mode
Required attribute.
Specifies the default authentication mode for an application. This attribute can be one of the following values.
The default is Windows.
Element
forms
Configures an ASP.NET application for custom forms–based authentication.
passport
Specifies the page to redirect to, if the page requires authentication and the user has not signed on with Microsoft Passport Network authentication.
configuration
Specifies the required root element in every configuration file that is used by the common language runtime and the .NET Framework applications.
system.web
Specifies the root element for the ASP.NET configuration settings in a configuration file and contains configuration elements that configure ASP.NET Web applications and control how the applications behave.
The authentication element configures the ASP.NET authentication scheme for an ASP.NET application. The authentication scheme determines how to identify users who want to view the ASP.NET application. The mode attribute specifies the authentication scheme. For more information about available authentication schemes, see ASP.NET Authentication.
The following default authentication element is not explicitly configured in the Machine.config or the root Web.config file. However, it is the default configuration that is returned by the application in the .NET Framework version 2.0.
<authentication mode="Windows"> <forms name=".ASPXAUTH" loginUrl="login.aspx" defaultUrl="default.aspx" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true" cookieless="UseDeviceProfile" domain="" enableCrossAppRedirects="false"> <credentials passwordFormat="SHA1" /> </forms> <passport redirectUrl="internal" /> </authentication>
The following default authentication element is configured in the Machine.config file in the .NET Framework version 1.1.
<authentication mode="Windows"> <forms name=".ASPXAUTH" loginUrl="login.aspx" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true"> <credentials passwordFormat="SHA1"></credentials> </forms> <passport redirectUrl="internal" /> </authentication>
The following default authentication element is configured in the Machine.config file in the .NET Framework version 1.0.
<authentication mode="Windows"> <forms name=".ASPXAUTH" loginUrl="login.aspx" protection="All" timeout="30" path="/" > <credentials passwordFormat="SHA1"></credentials> </forms> <passport redirectUrl="internal" /> </authentication>
The following code example demonstrates how to configure a site for forms-based authentication, specify the name of the cookie that transmits logon information from the client, and specify the name of the logon page to use, if initial authentication fails. You need to include an authorization section to require forms authentication by all users and to deny anonymous users access to the site.
<configuration> <system.web> <authentication mode="Forms"> <forms name="401kApp" loginUrl="/login.aspx"/> </authentication> <authorization> <deny users="?"/> </authorization> </system.web> </configuration>
Configuration section handler
AuthenticationSection
Configuration member
AuthenticationMode
Configurable locations
Machine.config
Root-level Web.config
Application-level Web.config
Requirements
Microsoft Internet Information Services (IIS) version 5.0, 5.1, or 6.0
The .NET Framework version 1.0, 1.1, or 2.0
Microsoft Visual Studio 2003 or Visual Studio 2005