Home > ASP.NET Applications > ASP.NET Web Application Security > ASP.NET Authentication > The Forms Authentication Provider

ASP.NET Web Applications   ASP.NET Web Application Security   ASP.NET Authentication

---

Forms authentication generally refers to a system in which unauthenticated requests are redirected to an HTML form, using HTTP client-side redirection. Forms authentication is a good choice if your application needs to collect its own user credentials at logon time through HTML forms. The user provides credentials and submits the form. If the application authenticates the request, the system issues a form that contains the credentials or a key for reacquiring the identity. Subsequent requests are issued with the form in the request headers. They are authenticated and authorized by an ASP.NET handler using whatever validation method the application specifies.

Note that forms authentication is often used for personalization, where content is customized for a known user. In some of these cases, identification is the issue rather than authentication, so it is enough to merely store the user name in a durable form and use that form to access the user’s personalization information.

Content
The Forms Authentication Module Describes how to use the Forms Authentication module.	Forms Authentication Control Flow Describes the control flow for the Forms Authentication module.
Creating a Forms Authentication Ticket Describes how to create a Forms Authentication ticket.	Forms Authentication Credentials Describes how to use Forms Authentication credentials.
Forms Authentication Utilities Describes how to use the Forms Authentication utilities.	Handling FormsAuthentication Events Describes how to handle Forms Authentication events.

The Windows Authentication Provider   The Passport Authentication Provider