asp.net提供了3種認(rèn)證方式:  windows身份驗(yàn)證, Forms驗(yàn)證和Passport驗(yàn)證.
windows身份驗(yàn)證: IIS根據(jù)應(yīng)用程序的設(shè)置執(zhí)行身份驗(yàn)證.要使用這種驗(yàn)證方式,在IIS中必須禁用匿名訪問(wèn).
Forms驗(yàn)證:用Cookie來(lái)保存用戶憑證,并將未經(jīng)身份驗(yàn)證的用戶重定向到自定義的登錄頁(yè).
Passport驗(yàn)證:通過(guò)Microsoft的集中身份驗(yàn)證服務(wù)執(zhí)行的,他為成員站點(diǎn)提供單獨(dú)登錄和核心配置文件服務(wù).

一. 配置windows身份驗(yàn)證
     1)配置IIS設(shè)置
 

       
    2)設(shè)置Web.config
     <system.web>
            <authentication mode = "Windows">
            <!--通知操作系統(tǒng)將當(dāng)前登錄的用戶的信任書(shū)傳遞給瀏覽器-->
             <authorization>
                  <!--禁止匿名用戶訪問(wèn)-->
                  <deny users = "?"/>
            </authorization>
     </system.web>

二.配置Forms身份認(rèn)證
    1)配置web.config
    
<?xml version="1.0"?>
<!--
    Note: As an alternative to hand editing this file you can use the
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in
    machine.config.comments usually located in
    /Windows/Microsoft.Net/Framework/v2.x/Config
-->
<configuration>
 <appSettings/>
 <connectionStrings/>
  <!--允許匿名用戶登錄register.aspx頁(yè)-->
  <location path="register.aspx">
    <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>
  </location>
 <system.web>
  <!--
            Set compilation debug="true" to insert debugging
            symbols into the compiled page. Because this
            affects performance, set this value to true only
            during development.
        -->
  <compilation debug="true"/>
  <!--
            The <authentication> section enables configuration
            of the security authentication mode used by
            ASP.NET to identify an incoming user.
        -->
  <authentication mode="Forms">
   <forms name="auth" loginUrl="login.aspx" timeout="30" protection="All" path="/"></forms>
  </authentication>
  <!--禁止匿名用戶登錄-->
  <authorization>
   <deny users="?"/>
  </authorization>
  <!--
            The <customErrors> section enables configuration
            of what to do if/when an unhandled error occurs
            during the execution of a request. Specifically,
            it enables developers to configure html error pages
            to be displayed in place of a error stack trace.

        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
            <error statusCode="403" redirect="NoAccess.htm" />
            <error statusCode="404" redirect="FileNotFound.htm" />
        </customErrors>
        -->
 </system.web>
</configuration>

          2)登錄頁(yè)面代碼
            login.aspx
         
 1<%@ Page Language="C#" AutoEventWireup="true" CodeFile="login.aspx.cs" Inherits="login" %>
 2
 3<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 4
 5<html xmlns="http://www.w3.org/1999/xhtml" >
 6<head runat="server">
 7    <title>Untitled Page</title>
 8</head>
 9<body>
10    <form id="form1" runat="server">
11    <div>
12        <asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
13        <asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="登陸" /></div>
14    </form>
15</body>
16</html>
 
 1using System;
 2using System.Data;
 3using System.Configuration;
 4using System.Collections;
 5using System.Web;
 6using System.Web.Security;
 7using System.Web.UI;
 8using System.Web.UI.WebControls;
 9using System.Web.UI.WebControls.WebParts;
10using System.Web.UI.HtmlControls;
11
12public partial class login : System.Web.UI.Page
13{
14    protected void Page_Load(object sender, EventArgs e)
15    {
16
17    }
18    protected void Button1_Click(object sender, EventArgs e)
19    {
20        FormsAuthentication.RedirectFromLoginPage(this.TextBox1.Text, false);
21    }
22}
23

三.配置Passport身份認(rèn)證
    需要安裝Passport Software Developer Kit.這種認(rèn)證方式適合于跨站之間的應(yīng)用,用戶只有一個(gè)用戶名和密碼可以訪問(wèn)任何成員站。