How does Windows authentication work in ASP.NET

When you create a web application for a smaller set of known users who already have Windows user accounts you can use a solution named Windows authentication as authentication system. The solution matches web users to Windows user accounts that are defined on the local computer or another domain on the network.

Windows authentication isn’t built into ASP.NET and hands over responsibility of authentication to Internet Information Server (IIS).  IIS asks the browser to authenticate itself by providing credentials that map to a Windows user account.  If the user is successfully authenticated, IIS allows the web-page request and passes the user and role information onto ASP.NET and as a result your code can act on it in much the same way that it works with identity information in a forms authentication scenario. The next picture presents end-to-end flow of Windows authentication:

The Windows authentication process

The Windows authentication process