Authentication and Authorization Flow

The security features of IIS, .NET Framework, and SQL Server work together to establish the flow of the authentication and authorization process. A client submits a request for an ASP.NET page. The request is first received by IIS, which works with the Windows operating system to initiate the security process. IIS analyzes the request and, based on selected IIS authentication options, validates it. If IIS authentication fails, the request is rejected and the appropriate error message is displayed in the client's browser.

If IIS successfully validates the incoming request, the request is passed to ASP.NET. The Windows operating system then looks at the properties of the file containing the ASP.NET page and ...

Get Building Portals, Intranets, and Corporate Web Sites Using Microsoft Servers now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.