Episerver is designed to meet high standards regarding security features within a wide range of scenarios. Login security in Episerver CMS is based on the authentication and authorization system uses the built-in membership and role system in ASP.NET. This document provides an overview of security management in Episerver. The Episerver platform also supports ADFS/SSO and OWIN.
The Episerver platform handles the following common security concerns.
Note: Where and how user credentials are stored, depends on the authentication provider used. The separation of authentication and authorization increases flexibility. Making a call to a provider lets you delegate security operations to a separate machine, thereby increasing scalability. For infomation, see Authorization and Authentication. Episerver also supports single sign-on and federated claims based authenticaton.
The Episerver platform provides support for ADFS/SSO, and the OWIN standard interface between .NET web servers and applications. The following topics provide more information.
Last updated: Sep 21, 2015