What is Forms Authentication is ASP.Net?
If you needs to validate your own users authentication by providing user name and password, you have to establish a security settings on asp.net forms or each page request. To implement this mechanism ASP.Net provides an infrastructure is called Forms authentication. The main advantage of Forms Authentication is, the basic user information, such as user name and password is stored in an encrypted authentication cookie (ticket). Forms Authentication is a token or ticket based system. When user log in, the basic user information should store on the token. So you can control the anonymous user access by implementing the token system.
How Forms Authentication works?
When a user request an ASP.Net page, then ASP.Net run time verifies whether the forms authentication token is available, if not available, ASP.Net automatically redirect the user to a login page. If authentication token (cookie) is available, ASP.Net login page validate the user credentials and if the user successfully validate then redirect the user to the requested page.
Here you could find an example, how to implement a simple form based authentication.
How to exclude a page from Forms Authentication?
To exclude a page from forms authentication, you can use the <location> tag in web.config file. For example, (Please click on image to enlarge)
Here, registration.aspx page would be excluded from forms authentication. If you want to exclude a group of pages from forms authentication, you can add a folder name instead of a page name in the location path tag.
