ASP.Net Authentication Modes

ASP.Net supports below authentication modes:
1. Windows
2. Forms
3. Passport
4. None

To enable authentication provider or mode we need to use authentication element from config file.
<system.web>
   <!-- mode=[Windows|Forms|Passport|None] -->
   <authentication mode="Windows" />
</system.web>
1.Windows:
  This is a default authentication mode in asp.net. This uses windows credentials for authentication. It relies on IIS to authenticate the user. Aftre authenticating the user it passes security token to asp.net. Windows authentication provides below ways:

Anonymous: IIS allows everybody to access asp.net application, no authentication is done.

Basic: User must have to provide username and password to get access to application. But username and password get sent over network in plain text format so it is bit insecure.

Digest: Same as Basic windows authentication but password is hashed before sending it over the netwrok and also user need to be use IE5 or later and windows accounts should stored in active directory.

Windows Integrated: User still need to provied username and password but it never sent over the network. Application either uses kerberos or challenge response protocol to authenticate the user. Kerberos provides tools for authentication and strong cryptography for secure communication.

2. Forms Authentication mode:  Forms authentication uses own customised HTML form to collect users credentials. Client or user directly sends credentials to asp.net application code for authenticatio. If application authenticates user it issues a cookie to ensure user is present on subsequent requests.

<!-- Web.config file -->
<system.web>
   <authentication mode="Forms">
      <forms forms="demoApp" loginUrl="/login.aspx" />
   </authentication>
</system.web>
 3. Passport Authentication: Passport authentication mode provides centralized authentication process provided by microsoft passport service. When user site registered with passport, the passport service grants site specific key.
<!-- Web.config file -->
<system.web>
   <authentication mode="Passport" />
</system.web>

ASP.Net Caching, Caching Concept

ASP.NET Caching:

Caching is process of storing frequently used data for reuse. Generally it stores data in memory becuase accessing data from memory is more efficient way rather that generate it again.

ASP.NET provides two types of catching:
1. Output Caching
2. Application Data Caching

Page Output Caching:
 Output caching is done with entire page or with the fragment/part of the page.
 a. Page Output Caching: ASP.Net allows caching entire contents of the page. This is good for caching static pages.

<%@ OutputCache Duration="60" VaryByParam="None" %>

Fragement/Pratial Page Caching:
  This is same as page output caching, but instead it uses to store part or fragment of the page in cache. This is done by caching user controls (.ascx) used in page.

<%@ OutputCache Duration="300" VaryByParam="*" Shared="true" %>

Here shared="true" is used to share same HTML if the user control is used in more than one pages, and to avoid caching same output/HTML of user control multiple time.

Application Data Caching: 

This is used to store data in cache like dataset or any collection objects, or any object that need to be cached:

Item can be added to cache using Cache.Insert(param, param) with expiration parameter. Also Item can be added to cache using Cache.add(param, param) with priority.

Data set can be added to cache like Cache["MyDataSet"] = MyDataSet; and retrived like ds = (DataSet) Cache["MyDataSet"].