Extending Roles and Membership

As discussed previously, one of the benefits of ASP.NET MVC is that it runs on top of the mature, full-featured ASP.NET core. Authentication and authorization in ASP.NET MVC are built on top of the Role and Membership classes found in the System.Web.Security namespace. This is helpful for several reasons:

You can use existing code and skills based on working with the ASP.NET Membership system.
You can extend components of ASP.NET MVC that deal with security (such as authorization and the default AccountController) using the ASP.NET Membership and Roles APIs.
You can leverage the provider system to create your own Membership, Role, and Profile providers that will work with ASP.NET MVC.

I've written an extensive blog post titled ASP.NET MVC Authentication — Customizing Authentication and Authorization The Right Way: http://bit.ly/CustomizeMvcAuthentication.

Get Professional ASP.NET MVC 4 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Professional ASP.NET MVC 4 by

Extending Roles and Membership

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly