During my recent interaction with one
of the development teams, I came across few queries. Hence, I decided to cover
those general questions as part of my few upcoming blogs.
The very first
question I received is, when should one go for Windows authentication and when
one should go for Form-based authentication?
Now here one of the common response
one can receive is – use Forms authentication whenever the user can supply
username/password and go for Windows authentication whenever the user can use
Windows Login System.
No doubt, this response is correct. But there are few more
points which can elaborate it. Let’ have a look at those:
- If user accounts are created in AD – go for Windows authentication using ActiveDirectoryMembershipProvider
- If user accounts are created in database, i.e. SQL Server – go for Forms-based authentication using respective membership providers, i.e. SqlMembershipProvider
- If user accounts are created in database whose direct member ship providers are not available – go for Forms-based authentication by writing custom provider
- If Windows authentication can not be used with AD for any reason – go for Forms-based authentication
- If you need more secure policies for password management - go for Windows authentication
- If you want to use existing account management tools - go for Windows authentication
I hope these few points will add some
more to your knowledge. Happy learning.
Comments
Post a Comment