Forms Authentication Provider
Forms authentication generally refers to a system in which unauthenticated requests are redirected to an HTML form, using HTTP client-side redirection. Forms authentication is a good choice if your application needs to collect its own user credentials at logon time through HTML forms. The user provides credentials and submits the form. If the application authenticates the request, the system issues a cookie that contains the credentials or a key for reacquiring the identity. Subsequent requests are issued with the cookie in the request headers. The requests are authenticated and authorized by an ASP.NET event handler using whatever validation method the application specifies.
Note that forms authentication is often used for personalization, where content is customized for a known user. In some of these cases, identification is the issue rather than authentication, so it is enough merely to store the user name in a durable cookie and use that cookie to access the user's personalization information.
In This Section
- Using the FormsAuthenticationModule Class
- Describes how to use the FormsAuthenticationModule.
- Forms Authentication Control Flow
- Describes the control flow for the FormsAuthenticationModule.
- Forms Authentication Credentials
- Describes how to use Forms authentication credentials.
- Forms Authentication Utilities
- Describes how to use the forms authentication utilities.
- Handling FormsAuthentication Events
- Describes how to handle forms authentication events.
- Forms Authentication Across Applications
- Describes how to configure forms authentication in a distributed environment.