What is authentication and authorization ?Types of Authentication and explain?

Authentication is a process of getting credentials of the client.

Authorization is a process of verifying credentials to provide access to the requested web page.

Three types of authentications :

1.Windows-based authentication
2.Forms-based authentication
3.Passport-based authentication

Windows-based authentication:
The ASP.NET Web application relies on the Windows operating system to authenticate the user. ASP.NET uses Windows-based authentication in conjunction with IIS authentication. With Windows-based authentication, the user requests a secure Web page from the Web application, and the request then goes through IIS. If the user’s credentials do not match those of an authorized user, IIS rejects the request. The user then has to enter his or her name and password into the logon form. The credentials are again verified by IIS. If correct, IIS directs the original request to the Web application. The secure Web page is then returned to the user.

Forms-based authentication:
Refers to a system where non-authenticated requests are redirected to a Hypertext Markup Language (HTML) form by using Hypertext Transfer Protocol (HTTP) client-side redirection. The user provides credentials and submits the form. If the application validates the credentials on the form, the system issues an authentication cookie to the user. Subsequent requests from the user are issued with the authentication cookie in the request headers, and then the user is authenticated based on those request headers.

Microsoft Passport authentication:
It is a centralized authentication service that offers a single logon option and core profile services for member sites. Users who sign up to use Passport are authenticated for access to Web sites through a single Passport account. Microsoft Passport is an XML Web service, and it is an integral part of the .NET Framework