The second video of the series aims at setting up authentication for the sample website. Just like most internet sites on the web, the sample web site will be using Forms Based Authentication, a mechanism that was not invented by ASP.net but comes almost out of the box with the product.
The first part of the video will deal with setting up the authentication on the site to work with a database server like SQL 2008, and then in the second part of the video, we move on to looking at how different users can be granted or denied access to different parts of the site using the authorization rules from ASP.net.
A word on authentication: authentication in general sense of the word is the process by which a website is able to recognize a user and then allow that user access to reserved content. Authentication actually consists of a two stage process:
- The actual user authentication, whereby the user sends some credentials to the webserver for verification. Normally these credentials consist of some username and password combination
- The authorization part – knowing who a given user is, the site then has to implement some logic to make sure that the user can access parts of the site that are reserved for authenticated users, and also grant or deny access to specific resources based on who the user is or what groups the user belongs to (membership).