0

I've been tasked with creating a ASP.net MVC web-based login system with registration, forgot password, and login but the existing system already has all the stored procedures to support this functionality and they don't fit well within the Membership interfaces.

Are there any advantages to implementing a custom membership provider? This answer makes reference to "integrations" but I am not sure what integrations it is referring to. Other than that, what is/are the benefit(s)?

I can see how a custom Role provider would benefit me, such as using Authorize attributes on my MVC actions. Can I create a custom role provider without creating/implementing a Membership provider?

Community
  • 1
  • 1
Swisher Sweet
  • 769
  • 11
  • 33

1 Answers1

0

If you have an option to use MVC 4, you can get your requirement fulfilled with SimpleMembershipProvider quite easily. It does provide simple to use interface for registering a new user, change/forgot password, and login. It also has its own RoleProvider that work well for most role management scenario.

To start with, its a good framework to use. The best part is, you can customize it whenever you want (this will happen most of the time when you load authentication and authorization mechanism to do more than what it should ideally be doing). As long as your MembershipProvider is derived from ExtendedMembershipProvider, it will work well with WebSecurity.

The benefit of implementing a custom provider is you get full control on the functionality provided by the provider API e.g. If you want to authenticate a user using custom algorithm then you can override ValidateUser method and add your custom implementation there.

About you last question, "can I create a custom role provider without creating/implementing a Membership provider?", I think it should be possible, have not tried personally though. You can try it referring to this link.

Hope this helps a bit.

SBirthare
  • 5,117
  • 4
  • 34
  • 59
  • Thanks for the answer. I don't believe any out of the box implementation of Membership provider is going to work for me since I must use existing tables and stored procedures. Thus, that is why I am inquiring about the advantages/benefits of using a CustomerMembershipProvider vs just coding the security methods in a service class of sorts. – Swisher Sweet Sep 04 '13 at 19:52
  • Yes in that case you have to implement your own provider that uses custom tables and SPs in provider implementation. If you implement custom provider deriving ExtendedMembershipProvider, you can use existing well thought WebSecurity APIs, that internally uses provider implementation which could be your provider. Otherwise you have to start from scratch with API design. – SBirthare Sep 05 '13 at 04:13