Analysing Forms Authentication
Introduction If you've ever used ASP.NET to create a website that requires that users login to view certain pages or to have access to particular features, then you've no doubt examined ASP.NET's forms-based authentication scheme. ASP.NET's forms-based authentication allows you to quickly and easily build a website that authenticates users through a forms-based approach. Namely, to identify themselves, a user will enter their credentials in a Web Form. (Credentials could be anything, really, but for websites they are typically just a username and password. However, some websites require more involved credentials, such as a username, password, and PIN.) After a user enters their credentials, they are "logged in" to the site. The Forms-Based Authentication Workflow Before we begin our dissection of ASP.NET's forms-based authentication, let's take a brief moment to examine the forms-based authentication workflow from both the end user's perspective an...