Authentication and Authorisation in .NET

Detailed workshop on Principal Based security - Simple samples. Authentication is the part of verifying your identity. Authorization is determining whether or not a user has the permission to perform an action in the application. .NET framework provides access to the user through an identity and authorization access through a principal. Principal is (user or group of users) The framework provides two different types of principals, A Windows principal (WindowsPrincipal). It works against the underlying Windows OS A generic principal (GenericPrincipal). A principal and identity that is not bound to the underlying Windows user. + custom principal and identity by implementing the IPrincipal and IIdentity interface.