.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
 
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan

Home >> Interview Question >> ASP.Net >> Post New Question Subscribe to Interview Questions

If cookies are not enabled at browser end does form Authentication work?

Posted By :Amit Mehra     Posted Date :August 05, 2009    Points :10   Category :ASP.Net 
No

You can also find related Interview Question to If cookies are not enabled at browser end does form Authentication work?  below: 

Which might not work if a user has disabled cookies in his or her Web browser: application state or session state?

  
Session state, by default, won't work if a Web browser that supports cookies has cookies disabled. Application state isn't user-specific, though, and doesn't need to be tracked in cookies. Therefore, application state works regardless of cookies. (More...)

Which might not work if a user has disabled cookies in his or her Web browser: application state or session state?

  
Session state, by default, won't work if a Web browser that supports cookies has cookies disabled. Application state isn't user-specific, though, and doesn't need to be tracked in cookies. Therefore, application state works regardless of cookies (More...)

If cookies is disabled in client browser will session work ?

  
If cookieless is true it will work. If it is not, it won't work. (More...)

How do we access cookies from browser side?

  
We can use javascript for that as below

document.cookie ="myContents=JavaScript cookie cookie1; expires=Sun, 30 March 2010 11:00:00 UTC; path=/"; (More...)

Explain how the Asp.Net Authentication process work?

  
ASP.NET does not run by itself, it runs inside the process of IIS. So there are two
authentication layers which exist in ASP.NET system. First authentication happens at
the IIS level and then at the ASP.NET level depending on the WEB.CONFIG file.
Below is how the whole process works:

1. IIS first checks to make sure the incoming request comes from an IP address
that is allowed access to the domain. If not it denies the request.

2. Next IIS performs its own user authentication if it is configured to do so. By
default IIS allows anonymous access, so requests are automatically
authenticated, but you can change this default on a per - application basis
with in IIS.

3. If the request is passed to ASP.net with an authenticated user, ASP.net checks
to see whether impersonation is enabled. If impersonation is enabled, ASP.net
acts as though it were the authenticated user. If not ASP.net acts with its own
configured account.

4. Finally the identity from step 3 is used to request resources from the operating
system. If ASP.net authentication can obtain all the necessary resources it
grants the users request otherwise it is denied. Resources can include much
more than just the ASP.net page itself you can also use .Net's code access
security features to extend this authorization step to disk files, Registry keys
and other resources. (More...)

How does CAS work?

  
The CAS security policy revolves around two key concepts - code groups and permissions. Each .NET assembly is a member of a particular code group, and each code group is granted the permissions specified in a named permission set.
For example, using the default security policy, a control downloaded from a web site belongs to the 'Zone - Internet' code group, which adheres to the permissions defined by the 'Internet' named permission set. (Naturally the 'Internet' named permission set represents a very restrictive range of permissions.) (More...)

Which authentication mode lets you use both SQL Server logins and Windows logins?

  
Mixed Mode authentication mode lets you use both SQL Server logins and Windows logins? (More...)

Windows Authentication

  
This type of authentication is possibly the easiest of all to implement. Windows authentication can be used in conjunction with almost all authentication methods provided by IIS (e.g. Basic, Digest, NTLM or Kerberos Authentication), except Anonymous Authentication [2,4]. There is no need to write any code to validate the user as IIS has already authenticated their Windows credentials. Basically, Windows authentication makes use of the authentication capabilities of IIS. IIS will complete its authentication first then ASP.NET will use the authenticated identity's token to decide whether the access is granted or denied.
This mechanism is usually implemented when the users are part of Windows domain and the authenticated users are to be impersonated so that the code is executed in the same security context of the user's Windows account [4].
When a user requests specific resources, this request will go to IIS. IIS authenticates the user and attaches the security token to it. It will then pass the authenticated request and security token to ASP.NET. If impersonation is enabled, ASP.NET impersonates the user using the security token attached and sees whether the user is authorized to access the resources in the section in Web.config file. If the access is granted, ASP.NET will send the requested resources through IIS, or else, it sends error message to the user.


Shashi Ray (More...)

Passport Authentication

  
As stated above, this authentication mechanism provides a centralized authentication service that offers single sign-in for access the member sites. The following scenarios support the use of Passport Authentication [2]:
. The username and password database or login page is not maintained; and
. Willing to provide personalized content; and
. The site will be used in conjunction with other Passport sites; and
. Willing to give single sign-in capability to the users (More...)

Forms-Based Authentication

  
Forms-based authentication is used to implement customized logic for authenticating users without having to worry about session management using cookie. It gives developer more access to specify which files on the site can be accessed and by whom, and allows identification of a login page [3,7].
This mechanism will automatically redirect the unauthenticated user to login page and ask them to provide proper credentials (e.g. username/password combination). If login is successful, ASP.NET then issues the cookie to the user and redirects them to specific resources that they originally requested. This cookie allows the user to revisit particular protected resources without having to repeatedly log in.

Shashi Ray (More...)

Authentication in ASP.NET

  
Authentication is one of the foremost features of web application's security. In ASP.NET, authentication is done at two levels [2]. First, IIS* will perform the required authentication then send out the request to ASP.NET, as described in Figure 1. For ASP.NET application, the underlying web server is IIS. Therefore, every ASP.NET application can continue to leverage the security options provided by IIS. (More...)

Quick Links For Interview Questions Categories:
ASP.Net Windows Application   .NET Framework   C#   VB.Net   ADO.Net  
Sql Server   SharePoint   Silverlight   OOPs   JQuery   JavaScript/VBScript
Biztalk Patten/Practices .IIS WCF WPF WWF
Networking Aptitude Others   All      

Find questions, FAQ's and their answers related to .NET, C#, Vb.Net, Sql Server and many more.

 
Now you can find lots of .NET, C#, Vb.Net, SQL Server,Windows, ASP.Net related Questions and their Answers here at www.dotnetspark.com. Our aim is to help you pass your certification Exams (MCP, MCSD, MCAD etc.,) with flying scores and get good name in your company.

So, Start looking our Interview Question section daily and improve your .NET Skills. You can also help others by posting Interview Questions and their Answers in this section.


Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend