The objective of this thesis work was to find the best solution for authentication and authorization in an existing web application. After careful research the conclusion was that claims-based authentication and authorization is potential alternative to satisfy the requirements, specified by the owner of the web application.

Research was made using different online sources such as e-books and articles. This thesis includes some examples which meet on the given requirements. Examples are theoretical and they haven’t been evaluated because of given schedule.

Claims-based authentication is a very good alternative for most web applications. It gives them more modularity because claims-based authentication decouples authentication logic from authorization logic. Additionally, in claims-based approach your application doesn't have to authenticate users because a trusted identity provider does it for your application. Claims-based application can also be integrated with different companies’ user management systems so that users can use single credentials for different applications which they have to use.

Claims-based authorization gives also more modularity for the application. It makes application maintenance much easier because authorization logic can be decoupled from the application’s business logic. It makes also possible to make much fine grained authorization decisions without losing control of maintenance.