.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
 
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan

Home >> Interview Question >> ADO.Net >> Post New Question Subscribe to Interview Questions

Between Windows Authentication and SQL Server Authentication, which one is trusted and which one is untrusted?

Posted By :Santosh     Posted Date :October 19, 2009    Points :10   Category :ADO.Net 
Windows Authentication is trusted because the username and password are checked with the Active Directory, the SQL Server authentication is untrusted, since SQL Server is the only verifier participating in the transaction.

You can also find related Interview Question to Between Windows Authentication and SQL Server Authentication, which one is trusted and which one is untrusted?  below: 

Which authentication mode lets you use both SQL Server logins and Windows logins?

  
Mixed Mode authentication mode lets you use both SQL Server logins and Windows logins? (More...)

Windows Authentication

  
This type of authentication is possibly the easiest of all to implement. Windows authentication can be used in conjunction with almost all authentication methods provided by IIS (e.g. Basic, Digest, NTLM or Kerberos Authentication), except Anonymous Authentication [2,4]. There is no need to write any code to validate the user as IIS has already authenticated their Windows credentials. Basically, Windows authentication makes use of the authentication capabilities of IIS. IIS will complete its authentication first then ASP.NET will use the authenticated identity's token to decide whether the access is granted or denied.
This mechanism is usually implemented when the users are part of Windows domain and the authenticated users are to be impersonated so that the code is executed in the same security context of the user's Windows account [4].
When a user requests specific resources, this request will go to IIS. IIS authenticates the user and attaches the security token to it. It will then pass the authenticated request and security token to ASP.NET. If impersonation is enabled, ASP.NET impersonates the user using the security token attached and sees whether the user is authorized to access the resources in the section in Web.config file. If the access is granted, ASP.NET will send the requested resources through IIS, or else, it sends error message to the user.


Shashi Ray (More...)

What type of Authentication does Microsoft SQL Server support?

  
Windows Authentication and
SQL Server authentication (More...)

What are the authentication modes in SQL Server?

  
Windows mode and mixed mode (SQL & Windows). (More...)

What are the authentication modes in SQL Server? How can it be changed?

  
Windows mode and mixed mode (SQL & Windows).
To change authentication mode in SQL Server click Start, Programs, Microsoft SQL Server and click SQL Enterprise Manager to run SQL Enterprise Manager from the Microsoft SQL Server program group.
Select the server then from the Tools menu select SQL Server Configuration Properties, and choose the Security page. (More...)

How to avoid or disable the modal dialog box in a Windows Authentication environment?

  
By enabling the Windows Integrated Authentication checkbox for the web application through settings in IIS.

Forms Authentication is used in Internet based scenarios, where its not practical to provide a Windows based account to each and every user to the Web Server. In a Forms Authentication environment, the user enters credentials, usually a User Name and a corresponding Password, which is validated against a User Information Store, ideally a database table.

Forms Authentication Ticket is the cookie stored on the user's computer, when a user is authenticated. This helps in automatically logging in a user when he/she re-visits the website. When a Forms Authentication ticket is created, when a user re-visits a website, the Forms Authentication Ticket information is sent to the Web Server along with the HTTP Request. (More...)

What protocol does server-to-server authentication extend?

  
server-to-server authentication extend SharePoint 2013 extends OAuth Protocol. (More...)

Passport Authentication

  
As stated above, this authentication mechanism provides a centralized authentication service that offers single sign-in for access the member sites. The following scenarios support the use of Passport Authentication [2]:
. The username and password database or login page is not maintained; and
. Willing to provide personalized content; and
. The site will be used in conjunction with other Passport sites; and
. Willing to give single sign-in capability to the users (More...)

Forms-Based Authentication

  
Forms-based authentication is used to implement customized logic for authenticating users without having to worry about session management using cookie. It gives developer more access to specify which files on the site can be accessed and by whom, and allows identification of a login page [3,7].
This mechanism will automatically redirect the unauthenticated user to login page and ask them to provide proper credentials (e.g. username/password combination). If login is successful, ASP.NET then issues the cookie to the user and redirects them to specific resources that they originally requested. This cookie allows the user to revisit particular protected resources without having to repeatedly log in.

Shashi Ray (More...)

Authentication in ASP.NET

  
Authentication is one of the foremost features of web application's security. In ASP.NET, authentication is done at two levels [2]. First, IIS* will perform the required authentication then send out the request to ASP.NET, as described in Figure 1. For ASP.NET application, the underlying web server is IIS. Therefore, every ASP.NET application can continue to leverage the security options provided by IIS. (More...)

What is the difference between login controls and Forms authentication?

  
Login controls are an easy way to implement Forms authentication without having to write any code. For example, the Login control performs the same functions you would normally perform when using the FormsAuthentication class—prompt for user credentials, validate them, and issue the authentication ticket—but with all the functionality wrapped in a control that you can just drag from the Toolbox in Visual Studio. Under the covers, the login control uses the FormsAuthentication class (for example, to issue the authentication ticket) and ASP.NET membership (to validate the user credentials). Naturally, you can still use Forms authentication yourself, and applications you have that currently use it will continue to run. (More...)

What is the difference between SharePoint Portal Server and Windows SharePoint Services?

  
SharePoint Portal Server is the global portal offering features like global navigation and searching.Windows SharePoint Services is more content management based with document libraries and lists. You apply information to certain areas within your portal from windows share point Services or directly to portal areas. (More...)

Quick Links For Interview Questions Categories:
ASP.Net Windows Application   .NET Framework   C#   VB.Net   ADO.Net  
Sql Server   SharePoint   Silverlight   OOPs   JQuery   JavaScript/VBScript
Biztalk Patten/Practices .IIS WCF WPF WWF
Networking Aptitude Others   All      

Find questions, FAQ's and their answers related to .NET, C#, Vb.Net, Sql Server and many more.

 
Now you can find lots of .NET, C#, Vb.Net, SQL Server,Windows, ASP.Net related Questions and their Answers here at www.dotnetspark.com. Our aim is to help you pass your certification Exams (MCP, MCSD, MCAD etc.,) with flying scores and get good name in your company.

So, Start looking our Interview Question section daily and improve your .NET Skills. You can also help others by posting Interview Questions and their Answers in this section.


Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend