Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Difference between FormsAuthentication and WebSecurity

I am exploring the possibilities of ASP.NET MVC in the example webapplication of Visual Studio the WebMatrix.WebData.WebSecurity is used for Membership (creating accounts, and specify that a user is logged in to view a specific page etc.). But after some searching I found that there is also a System.Web.Security.FormsAuthentication class that can be used for Membership.

Does anybody know the differences/pro's and cons between these two classes? And when to use WebSecurity and when to use FormsAuthentication? (and maybe a clear example of FormsAuthentication)

Thanks in advance

like image 827
mrtentje Avatar asked Oct 01 '12 18:10

mrtentje


People also ask

What is authentication mode in web config?

Windows Authentication mode provides the developer to authenticate a user based on Windows user accounts. This is the default authentication mode provided by ASP.Net. You can easily get the Identity of the user by using User.Identity.Name. This will return the computer name along with the user name.

Can you explain forms authentication in detail?

Form authentication is used for internet web application. The advantage of form authentication is that users do not have to be member of a domain-based network to have access to your application. So the number of web application uses the form authentication in their web application.

What protection is required for form authentication in Net security?

By default, forms authentication protects only ASPX pages and any other . NET extensions. You can configure forms authentication to protect other static extensions such as . jpg, .

How do you authenticate a form?

Forms– users are authenticated via a form on a web page. Passport– users are authenticated using Microsoft's Passport Network. None– no authentication model is used; all visitors are anonymous.


1 Answers

WebSecurity was introduced in WebMatrix 2 and ASP.NET MVC 4. It relies on the SimpleMembershipProvider. Under the covers it uses FormsAuthentication to manage cookies. So I guess that if you are starting a new project you would opt for the new model if this model fits your needs. Bare in mind that the SimpleMembershipProvider exposes less functionality than the original provider.

The original membership provider uses the SqlMembershipProvider which in turn uses plain ADO.NET to query the database.

The SimpleMembershipProvider uses the new Database class introduced in WebMatrix to query the SQL database.

like image 55
Darin Dimitrov Avatar answered Oct 05 '22 20:10

Darin Dimitrov