authentication Element (ASP.NET Settings Schema)
Configures the ASP.NET authentication scheme that is used to identify users who view an ASP.NET application.
configuration Element (General Settings Schema)
system.web Element (ASP.NET Settings Schema)
authentication Element (ASP.NET Settings Schema)
<authentication
mode="[Windows|Forms|Passport|None]"
>
<forms>...</forms>
<passport/>
</authentication>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
Attribute |
Description |
||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
mode |
Required attribute. Specifies the default authentication mode for an application. This attribute can be one of the following values.
The default is Windows. |
Child Elements
Element |
Description |
---|---|
forms |
Configures an ASP.NET application for custom forms–based authentication. |
passport |
Specifies the page to redirect to, if the page requires authentication and the user has not signed on with Microsoft Passport Network authentication. |
Parent Elements
Element |
Description |
---|---|
configuration |
Specifies the required root element in every configuration file that is used by the common language runtime and the .NET Framework applications. |
system.web |
Specifies the root element for the ASP.NET configuration settings in a configuration file and contains configuration elements that configure ASP.NET Web applications and control how the applications behave. |
Remarks
The authentication element configures the ASP.NET authentication scheme for an ASP.NET application. The authentication scheme determines how to identify users who want to view the ASP.NET application. The mode attribute specifies the authentication scheme. For more information about available authentication schemes, see ASP.NET Authentication.
Default Configuration
The following default authentication element is not explicitly configured in the Machine.config or the root Web.config file. However, it is the default configuration that is returned by the application in the .NET Framework version 2.0.
<authentication mode="Windows">
<forms
name=".ASPXAUTH"
loginUrl="login.aspx"
defaultUrl="default.aspx"
protection="All"
timeout="30"
path="/"
requireSSL="false"
slidingExpiration="true"
cookieless="UseDeviceProfile" domain=""
enableCrossAppRedirects="false">
<credentials passwordFormat="SHA1" />
</forms>
<passport redirectUrl="internal" />
</authentication>
The following default authentication element is configured in the Machine.config file in the .NET Framework version 1.1.
<authentication mode="Windows">
<forms
name=".ASPXAUTH"
loginUrl="login.aspx"
protection="All"
timeout="30"
path="/"
requireSSL="false"
slidingExpiration="true">
<credentials passwordFormat="SHA1"></credentials>
</forms>
<passport redirectUrl="internal" />
</authentication>
The following default authentication element is configured in the Machine.config file in the .NET Framework version 1.0.
<authentication mode="Windows">
<forms
name=".ASPXAUTH"
loginUrl="login.aspx"
protection="All"
timeout="30"
path="/" >
<credentials passwordFormat="SHA1"></credentials>
</forms>
<passport redirectUrl="internal" />
</authentication>
Example
The following code example demonstrates how to configure a site for forms-based authentication, specify the name of the cookie that transmits logon information from the client, and specify the name of the logon page to use, if initial authentication fails. You need to include an authorization section to require forms authentication by all users and to deny anonymous users access to the site.
<configuration>
<system.web>
<authentication mode="Forms">
<forms name="401kApp" loginUrl="/login.aspx"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
Element Information
Configuration section handler |
|
Configuration member |
|
Configurable locations |
Machine.config Root-level Web.config Application-level Web.config |
Requirements |
Microsoft Internet Information Services (IIS) version 5.0, 5.1, or 6.0 The .NET Framework version 1.0, 1.1, or 2.0 Microsoft Visual Studio 2003 or Visual Studio 2005 |
See Also
Tasks
How to: Configure Specific Directories Using Location Settings
How to: Lock ASP.NET Configuration Settings
Concepts
ASP.NET Configuration File Hierarchy and Inheritance
Securing ASP.NET Configuration
ASP.NET Configuration Scenarios
Reference
system.web Element (ASP.NET Settings Schema)
forms Element for authentication (ASP.NET Settings Schema)
passport Element for authentication (ASP.NET Settings Schema)
configuration Element (General Settings Schema)
Other Resources
General Configuration Settings (ASP.NET)
ASP.NET Configuration Settings