The Form-based authentication is a type of authentication mechanism. It allows the developer to control the look and feel of the login authentication screens by customizing the login screen and error pages that an HTTP browser presents to the end user. The following actions occur when form-based authentication is declared:
- A client requests for accessing a protected resource.
- If the client is unauthenticated, the server redirects the client to a login page.
- The client submits the login form to the server.
- The server attempts to authenticate the user.
- If authentication succeeds, the authenticated user’s principal is checked to ensure it is in a role that is authorized to access the resource. If the user is authorized, the server redirects the client to the resource using the stored URL path.
- If authentication fails, the client is forwarded or redirected to an error page.
Responses to “What is the form based authentication technique?”