ASP.NET MVC & Authorization\Authentication & Membership\Role Provider?

M

morph2011-04-28 08:37:17

ASP.NET

morph, 2011-04-28 08:37:17

How useful is the use of Membership + Role Provider in conjunction with ASP.Net MVC?
Are there more appropriate authorization/authentication schemes for ASP.Net MVC?
What would you recommend to read in this direction?
ps I would like to know what schemes are used in various cases (roles and rights are stored in the database, in a file, a dynamic system of rights, etc.). That is, which ones are currently used in conjunction with ASP.Net MVC (v3)

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

A

A1lfeG, 2011-04-28
@A1lfeG

It depends entirely on the project.
If this is something like a social network with hundreds of thousands of users, then your solution will most likely be more productive.
If you need to write fast, then it's safer to use built-in providers than to fence your decisions.
A separate point will be the fact that built-in providers are very difficult to overlay with tests.

X

xunter, 2012-09-02
@xunter

The classic ASP.NET Authorization\Authentication scheme + the declarative approach of marking controllers/actions with the AuthorizeAttribute attribute.
The main difference from the classic ASP.NET is that the entire URL is compared there, while in MVC controllers / actions are compared, i.e. You can set your own access level for each action. For example, one group of users will only be able to view the content, while the other group will be able to edit it.
For example, see the article Understanding Authentication and Authorization

A

Andrey Ishchenko, 2014-01-06
@sepo

Asp.net mvc allows you to override membership, role and profile providers
This chapter was very helpful to me:
metanit.com/sharp/mvc/11.1.php