0

I would like to do save some membership information like username and password for authentication purpose using c# Web API. As my server don't have any database, originally I use Formauthenication.Validate with saving all the credentials in web.config.

However, I found out that this method will soon be obsoleted. Is there a way to so. Like saving the credentials in a server place like web.config that will not need to provide a database service.

I know customise a membership provider would probably be a way. But all the example need to save in a database.

This question would be similar as the following

Config-based authentication in ASP.NET MVC4

Community
  • 1
  • 1
Goldfish
  • 11
  • 1
  • Possibly related: http://stackoverflow.com/questions/21061827/formsauthentication-object-obsolete-using-mvc5 – Ron Beyer Jul 29 '15 at 15:54

1 Answers1

0

ASP.NET Membership in its entirety and all related tech such as Forms Auth, Simple Membership, MembershipProvider, etc. is deprecated. Creating a custom membership provider would be pointless as that itself requires forms auth.

If you don't want to involve a database, pretty much your only option is something like HTTP Digest or Windows Auth. However, HTTP digest is pretty insecure, and Windows Auth only makes sense if all the users are on the same domain. You can technically still use ASP.NET Membership, at least for the time being. You'll just be frozen in time as far as MVC updates go. I'd really recommend just biting the bullet and using a real authentication solution that's database-backed, namely Identity.

Chris Pratt
  • 232,153
  • 36
  • 385
  • 444