What is ASP.NET Authentication Providers and IIS Security?
ASP.NET executes authentication using authentication providers, which are code modules that determine credentials and implement other security functionality such as cookie generation. ASP.NET supports the following three authentication providers:
Forms Authentication: Using this provider causes unauthenticated requests to be redirected to a specified HTML form using client side redirection. The user can then supply logon credentials, and post the form back to the server. If the application authenticates the request (using application-exact logic), ASP.NET issues a cookie that have the credentials or a key for reacquiring the client identity. Subsequent requests are issued with the cookie in the request headers, which means that subsequent authentications are unnecessary.