In this chapter, you'll learn:
How to let users to log in to your site (and optionally be assigned to roles) using either a login form or Windows authentication.
This article provides an overview of ASP.NET authentication and authorization and shows how to implement both features.
This article provides an overview of the Windows authentication provider, which is useful for security in company networks and other intranet scenarios.
This article describes ASP.NET forms authentication, which lets you create your own login page and then use ASP.NET features to manage authentication and authorization.
This article describes two ways to let users have access to resources in your application -- that is, how to handle authorization.
This article and sample describes how to create a provider to handle custom role management.
This whitepaper covers the major ways in which security features in ASP.NET 4 can be customized, including: Encryption options and functionality in the <machineKey> element, interoperability of ASP.NET 4 forms authentication tickets with ASP.NET 2.0, configuration options to relax automatic security checks on inbound URLs, pluggable request validation, and pluggable encoding for HTML elements, HTML attributes, HTTP headers, and URLs