In a client-server environment, there are plenty of cases where the server has to interact and identify the client that sends a request to the server. Authentication is the process of determining and confirming the identity of the client.
If a client is not successfully identified, it is said to be anonymous.
Types of Authentication
Windows Authentication
Forms Authentication
Passport Authentication
Essentially the Windows Authentication and Forms Authentication are the famous ones, as Passport Authentication is related to a few websites (like microsoft.com, hotmail.com, msn.com etc. only).
Windows Authentication is implemented mostly in Intranet scenarios. When a browser (client) sends a Request to a server where in windows authentication has been implemented, the initial request is anonymous in nature. The server sends back a Response with a message in HTTP Header. This Prompts a Window to display a Modal Dialog Box on the browser, where the end user may enter the "User name" and "Password".
The end user enters the credentials, which are then validated against the User Store on the Windows server. Note that each user who access the Web Application in a Windows Authentication environment needs to have a Windows Account in the company network.
How to avoid or disable the modal dialog box in a Windows Authentication environment?
By enabling the Windows Integrated Authentication checkbox for the web application through settings in IIS.
Forms Authentication is used in Internet based scenarios, where its not practical to provide a Windows based account to each and every user to the Web Server. In a Forms Authentication environment, the user enters credentials, usually a User Name and a corresponding Password, which is validated against a User Information Store, ideally a database table.
Forms Authentication Ticket is the cookie stored on the user's computer, when a user is authenticated. This helps in automatically logging in a user when he/she re-visits the website. When a Forms Authentication ticket is created, when a user re-visits a website, the Forms Authentication Ticket information is sent to the Web Server along with the HTTP Request.