Znode Storefront uses the ASP.NET 2.0 Membership Provider for authentication. This enables you to abstract the authentication layer by writing your own membership provider. For example: To connect to an Active Directory store you would just need to write your own membership provider.

Here's a nice introduction to the ASP.NET 2.0 Membership, Role and Profile service:
http://aspnet.4guysfromrolla.com/articles/120705-1.aspx

This is the section in the web.config file that configures the membership provider in Znode Storefront:

<roleManager enabled="true" defaultProvider="ZNodeRoleProvider">           
<providers>               
<clear/>               
<add name="ZNodeRoleProvider" connectionStringName="ZNodeECommerceDB" applicationName="ZNodeECommerce" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>    
</providers>      
</roleManager>       

<membership defaultProvider="ZNodeMembershipProvider">           
<providers>               
<add name="ZNodeMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ZNodeECommerceDB" applicationName="ZNodeECommerce" minRequiredPasswordLength="5" minRequiredNonalphanumericCharacters="0" enablePasswordReset="true" requiresQuestionAndAnswer="true" requiresUniqueEmail="false" maxInvalidPasswordAttempts="999" passwordAttemptWindow="10"/>           
</providers>       
</membership>