Export (0) Print
Expand All

Edit Forms Authentication Settings (IIS 7)

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

Forms authentication lets users log on by using identities from an ASP.NET membership database. This authentication method uses redirection to an HTML logon page to confirm the identity of the user. You can configure Forms authentication at the site or application levels.

Forms authentication is convenient for the following reasons:

  • It allows either a custom data store, such as a SQL server database, or Active Directory to be used for authentication.

  • It integrates easily with a Web user interface.

  • Clients can use any browser.

If you want to use membership roles for authorization, you must use Forms authentication or a similar custom authentication method.

noteNote
Editing a configuration setting changes the setting at the local level and for any child levels that inherit the setting.

ImportantImportant
Credentials are passed as clear text, so that you have to configure SSL for the logon page and any other pages that require an authentication cookie to be sent across the network.

ImportantImportant
If you select Forms authentication, you cannot use any of the challenge-based authentication methods at the same time.

For information about the levels at which you can perform these procedures, and the modules, handlers, and permissions that are required to perform these procedures, see Authentication Feature Requirements (IIS 7).

See Also

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft