Forms Authentication in Asp.Net


The below configuration elements show how you enable Forms authentication in Web.config.

You can also check my previous posts on:

<authentication mode=”Forms”>
<forms loginUrl=”login.aspx” name=”MyCookie” timeout=”60″ path=”/”>
</forms>
</authentication>

When you use Forms authentication, the following authorization options are avail- able to you:

Client Requested Resources
Requested resources require ACLs that allow read access to the anonymous Internet user account. (IIS should be configured to allow anonymous access when you use Forms authentication).

URL Authorization
Configure URL Authorization in Web.config. With Forms authentication, the format of user names is determined by your custom data store; a SQL Server database, or Active Directory.

If you are using a SQL Server data store:

<authorization>
<deny users=”?” />
<allow users=”Raju,Biju,Tamanna” roles=”Manager,Sales” />
</authorization>

Explicit Role Checks
You can perform role checking using the IPrincipal interface.

IPrincipal.IsInRole(“Director”);

When to Use
Forms authentication is most ideally suited to Internet applications. Use Forms authentication when: Your application’s users do not have Windows accounts.



You want users to log on to your application by entering credentials using an HTML form.

Check out Best Alternative to InfoPath -> Try Now

You May Also like the Following SharePoint Online Tutorials:

About Bijay Kumar

I am Bijay from Odisha, India. Currently working in my own venture TSInfo Technologies in Bangalore, India. I am Microsoft Office Servers and Services (SharePoint) MVP (5 times). I works in SharePoint 2016/2013/2010, SharePoint Online Office 365 etc. Check out My MVP Profile.. I also run popular SharePoint web site SharePointSky.com

View all posts by Bijay Kumar →