.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
 
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan

Home >> Interview Question >> SharePoint >> Post New Question Subscribe to Interview Questions

What is Authentication and Authorization?

Posted By :Gowthammanju     Posted Date :October 31, 2011    Points :40   Category :SharePoint 

Ans . An authentication system is how you identify yourself to the computer. The goal behind an authentication system is to verify that the user is actually who they say they are.
Once the system knows who the user is through authentication, authorization is how the system decides what the user can do.

You can also find related Interview Question to What is Authentication and Authorization?  below: 

What is the basic difference between authentication and authorization?

  
Authentication is a process of identifying a user based on their credentials like userID and Password.
Authorization is process of determining whether an authenticated user is allowed to access a specific resource or not.
(More...)

Difference between authentication and authorization?

  
Authentication is a process of identifying a user based on their credentials(means user id and password).

Authorization is process of determining whether an authenticated user is allowed to access a specific resource or not. (More...)

Difference between Authentication and
authorization?

  
Authentication is verifying the identity of a user and authorization
is process where we check does this identity have access rights to the system. (More...)

What is Authentication and Authorization?

  
An authentication system is how you identify yourself to the computer. The goal behind an authentication system is to verify that the user is actually who they say they are.
Once the system knows who the user is through authentication, authorization is how the system decides what the user can do. (More...)

What is the difference between authentication and authorization?

  
With the login page, when we put our userid and password and click the submit button, then the combination of that entered
userid and password is sent to the server and then server checks if that combination is existing with the server or not. This process
is called the authentication.

After the authentication is completed, if the server found the userid and password combination is true, the server redirect the user
to his/her allocated page. For example: if the user is an ordinary user, then the user is sent to the user dashboard and if the user is the admin, then he/she is sent to the admin panel. This process is called the authorization. (More...)

Which authentication mode lets you use both SQL Server logins and Windows logins?

  
Mixed Mode authentication mode lets you use both SQL Server logins and Windows logins? (More...)

Windows Authentication

  
This type of authentication is possibly the easiest of all to implement. Windows authentication can be used in conjunction with almost all authentication methods provided by IIS (e.g. Basic, Digest, NTLM or Kerberos Authentication), except Anonymous Authentication [2,4]. There is no need to write any code to validate the user as IIS has already authenticated their Windows credentials. Basically, Windows authentication makes use of the authentication capabilities of IIS. IIS will complete its authentication first then ASP.NET will use the authenticated identity's token to decide whether the access is granted or denied.
This mechanism is usually implemented when the users are part of Windows domain and the authenticated users are to be impersonated so that the code is executed in the same security context of the user's Windows account [4].
When a user requests specific resources, this request will go to IIS. IIS authenticates the user and attaches the security token to it. It will then pass the authenticated request and security token to ASP.NET. If impersonation is enabled, ASP.NET impersonates the user using the security token attached and sees whether the user is authorized to access the resources in the section in Web.config file. If the access is granted, ASP.NET will send the requested resources through IIS, or else, it sends error message to the user.


Shashi Ray (More...)

Passport Authentication

  
As stated above, this authentication mechanism provides a centralized authentication service that offers single sign-in for access the member sites. The following scenarios support the use of Passport Authentication [2]:
. The username and password database or login page is not maintained; and
. Willing to provide personalized content; and
. The site will be used in conjunction with other Passport sites; and
. Willing to give single sign-in capability to the users (More...)

Forms-Based Authentication

  
Forms-based authentication is used to implement customized logic for authenticating users without having to worry about session management using cookie. It gives developer more access to specify which files on the site can be accessed and by whom, and allows identification of a login page [3,7].
This mechanism will automatically redirect the unauthenticated user to login page and ask them to provide proper credentials (e.g. username/password combination). If login is successful, ASP.NET then issues the cookie to the user and redirects them to specific resources that they originally requested. This cookie allows the user to revisit particular protected resources without having to repeatedly log in.

Shashi Ray (More...)

Authentication in ASP.NET

  
Authentication is one of the foremost features of web application's security. In ASP.NET, authentication is done at two levels [2]. First, IIS* will perform the required authentication then send out the request to ASP.NET, as described in Figure 1. For ASP.NET application, the underlying web server is IIS. Therefore, every ASP.NET application can continue to leverage the security options provided by IIS. (More...)

What is the difference between login controls and Forms authentication?

  
Login controls are an easy way to implement Forms authentication without having to write any code. For example, the Login control performs the same functions you would normally perform when using the FormsAuthentication class—prompt for user credentials, validate them, and issue the authentication ticket—but with all the functionality wrapped in a control that you can just drag from the Toolbox in Visual Studio. Under the covers, the login control uses the FormsAuthentication class (for example, to issue the authentication ticket) and ASP.NET membership (to validate the user credentials). Naturally, you can still use Forms authentication yourself, and applications you have that currently use it will continue to run. (More...)

Between Windows Authentication and SQL Server Authentication, which one is trusted and which one is untrusted?

  
Windows Authentication is trusted because the username and password are checked with the Active Directory, the SQL Server authentication is untrusted, since SQL Server is the only verifier participating in the transaction. (More...)

Quick Links For Interview Questions Categories:
ASP.Net Windows Application   .NET Framework   C#   VB.Net   ADO.Net  
Sql Server   SharePoint   Silverlight   OOPs   JQuery   JavaScript/VBScript
Biztalk Patten/Practices .IIS WCF WPF WWF
Networking Aptitude Others   All      

Find questions, FAQ's and their answers related to .NET, C#, Vb.Net, Sql Server and many more.

 
Now you can find lots of .NET, C#, Vb.Net, SQL Server,Windows, ASP.Net related Questions and their Answers here at www.dotnetspark.com. Our aim is to help you pass your certification Exams (MCP, MCSD, MCAD etc.,) with flying scores and get good name in your company.

So, Start looking our Interview Question section daily and improve your .NET Skills. You can also help others by posting Interview Questions and their Answers in this section.


Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend