I've managed to successfully implement a custom MembershipProvider for my MVC2 application. I have my own User table as well as Role table.
My problem right now is that when I put in the [Authorize(Roles="blah")] attribute, it doesn't work. I've searched a bit but haven't found a definitive answer I'm looking for, which is -- how does this Role authorization work? My web.config uses the standard AspNet role provider.
My understanding is that I have to have my User.cs class implement the IPrincipal interface, which means, adding the code to check for IsInRole.
My question(s) -- is this correct? How does the framework know to and know how to get my custom User object? My understanding is that the Asp.Net authentication & authorization pieces work with MembershipUser.
Any tips, thoughts, or links would be greatly appreciated, Thx