Take a look at http://www.asp.net/web-forms/videos/authentication. It seems like its geared towards a newcomer audience. (Yes, it says web-forms, but the information is applicable to a broader scope).

Asp.net already has libraries built in for the basics. You should look into RoleProvider and MembershipProvider.

Basically, you should authenticate each HTTP request. How you perform authentication and how you persist it is up to you. It's possible to store a cookie on the client, use a session, etc...

The definitive guide to forms based website authentication is a nice cross-platform list of do's and don'ts. Tons of info there, and once you're up and running, this will have a bunch of gotchas you may have missed.

Take a look at http://www.asp.net/web-forms/videos/authentication. It seems like its geared towards a newcomer audience. (Yes, it says web-forms, but the information is applicable to a broader scope).

Asp.net already has libraries built in for the basics. You should look into RoleProvider and MembershipProvider.

Basically, you should authenticate each HTTP request. How you perform authentication and how you persist it is up to you. It's possible to store a cookie on the client, use a session, etc...

The definitive guide to forms based website authentication is a nice cross-platform list of do's and don'ts. Tons of info there, and once you're up and running, this will have a bunch of gotchas you may have missed.