In Sitefinity, the process of validating a user towards a data source with users is called Authentication. Authenticated users are acknowledged by the Web site and that
makes them manageable, as opposed to the anonymous users who could not be recognized.
There are several known forms of authentication, supported out-of-the-box in Sitefinity. The most commonly used ones are: Windows and
Forms.
Forms Authentication
With Forms authentication, user credentials are entered in a login form and authenticated against the given membership database. This is the default
authentication mode in Sitefinity.
 |
Authentication Cookie - it is recommended to use the default login page for the admin part of Sitefinity.
This is because the SetAuthenticationCookie() method is used in the login form to store some additional role provider information in the
authentication cookie.
|
Windows Authentication
With Windows authentication, the credentials of the current IIS-authenticated user are used to authenticate the currently logged-in user in the Web site.
See more in the topic Windows Authentication.
Providers
Since Sitefinity is based on the ASP.Net Membership services, the provider model is used. Different Membership Providers are
available and should be used for Windows and Forms authentication.
|
Permissions in Sitefinity are set per role, thus a role provider is
present for every available membership one. See Authorization. |
See Also