C# - Hey, ASP.NET Authentication/Security

**Frinavale** · Nov 17 '08, 03:57 PM

Since it's only going to be you logging into the system I would specify your user account information in your web.config file and use Forms Authentication. You can also specify which pages are restricted and which are publicly accessible in your web.config file.

Check out MSDN for more information on how to implement simple Forms Authentication. It wouldn't hurt to also check out Forms Authentication Explained.

There are a bunch of patterns mentioned in the MSDN library on how to secure your applications.

-Frinny

**Plater** · Nov 17 '08, 04:07 PM

Depending on your needs Windows Authentication can be very usefull.
For instance, my website is hosted on a computer within our company domain. I used lose windows authentication to allow any valid domain user (any user who has crednetials to log into our custom domain) to be able to view the site.
So anyone correctly logged on to their computer on the domain, can just use the webpage like their was no security, but if someone from outside the domain tries, they are prompted for a username/password. If I were say, working at home, I could acess the webpage and input my username/password (like I would to log onto my computer) and it will let me access the webpage.
If you are not on a domain, the valid user accounts for windows authentication will be limited to those on the server computer.

Frinny(I think) posted a link to a video tutorial a long time ago on how to deal with logon situations on a website that was really good at walking you through stuff.
That is how I did mine. I am looking for the link.

ASP.NET Core, an open-source web development framework | .NET

http://www.asp.net/learn/security-videos/

Build web apps and services that run on Windows, Linux, and macOS using C#, HTML, CSS, and JavaScript. Get started for free on Windows, Linux, or macOS.

**Frinavale** · Nov 17 '08, 04:19 PM

Originally posted by Plater

Frinny(I think) posted a link to a video tutorial a long time ago on how to deal with logon situations on a website that was really good at walking you through stuff.
That is how I did mine. I am looking for the link.
http://www.asp.net/learn/security-videos/

I did but Joedeen asked for a way to do it without using SQL and that video gives an example of setting up Forms Authentications , Membership, and Role Management using SQL Server as it's backbone. Here's a link to the video if you're interested.

**Plater** · Nov 17 '08, 04:21 PM

Huh. Maybe I watched the wrong video then, because I don't use SQL for the backend at all.

**joedeene** · Nov 27 '08, 03:59 PM

Well, I've worked with authentication using the web.config XML file, it's pretty interesting but I can't figure out how to add a user, but I figured I might as well go with SQL. The reason I didn't want to use SQL is because I'm running my server off of a Virtual PC, and I thought it would be difficult to put the data onto the guest machine from the one I have VWD 2008 and SQL Server installed. So, I just installed those programs on my guest machine(the server).

I will now follow SQL tutorials and I'm sure it will be much more secure and even easier to add users.

C# - Hey, ASP.NET Authentication/Security

C# - Hey, ASP.NET Authentication/Security

Comment

Comment

Comment

Comment

Comment