2

I am creating an intranet application and I need help deciding what membership to use.

SimpleMembership is said to be the future of ASP.NET authorization and authentication but it has those websecurity stuff and webpages prefixed tables. Is simplemembership use on a intranet application a correct way of thinking?

In a project two years ago, I've written my own RoleProvider based on SqlMembership and worked fine with authorization by area+controller+action. But I can't see this happening on simplemembership and can't find an article that enlight me on the internet.

Also, I need to associate users to people and removed code-first stuff and added the simplemembership tables to the EDMX. Work Ok, but I need two connection strings on the web.config.

I think membership providers are great to speedup development, removing the authorization and authentication worries from the project, but I don't want to just implement "the old way" (the way I already know), want to push forward to the "new way".

In other hand, Universal Providers are said to be used for old existing providers as stated here:

Universal Providers are intended for cases where you have an existing ASP.NET Membership Provider and you want to use it with another SQL Server database backend (other than SQL Server)

This doesn't sound nice, since the database structure of the UP seems cleaner than SimpleMembership.

To be short, I like the way SimpleMembership works, but those "webpages preffix" on the tables makes the provider look a little "not intended to be used in a intranet application".

programad
  • 1,291
  • 3
  • 19
  • 38
  • Why does the "webpages" prefix give you that feeling? Intranet applications are nearly the same as Internet applications, they are just localized. – jamesSampica Oct 10 '13 at 13:34

2 Answers2

1

MVC4 gives you all the tools to build your own custom membership provider. So if you don't like "webpages_" prefix, write your own provider and name the tables what you want.

TK-421
  • 387
  • 2
  • 11
  • That's nice, Brandon, as I mentioned I've already written a custom role provider myself. But MS says Universal Providers is for legacy and Simple Provider is the future. So you are saying I must customize the SimpleMembership inheriting from ExtendedMembership or customizing the "legacy" SqlProvider is still a good practice? – programad Oct 10 '13 at 17:23
  • I'm only saying that if your hung up on the names of db tables, you can change that, but why bother. Good practice is to use SimpleMembership as is and customize or write your own provider if SimpleMembership absolutely will not work. – TK-421 Oct 10 '13 at 18:08
1

SimpleMembership is the default membership provider for MVC 4 applications created with the "Internet" template. SimpleMembership is an easy to use membership provider for Internet application that is easily extended and provides OAuth support. I would say it probably not a good fit for an Intranet application where you just need a role provider that is linked to Windows security. Also, SimpleMembership is no longer the future of authentication and authorization in ASP.NET. Microsoft has already dropped it in MVC 5 and introduced ASP.NET Identity as the replacement for SimpleMembership.

Kevin Junghans
  • 17,475
  • 4
  • 45
  • 62