What alternatives are there for asp.net forms authentication?

8
votes

We are developing a web app that will have a pretty complex user and permission system.

The general idea is that we have 3 levels of security:

  • a simple user - that can only access basic data that is in a data repository
  • a manager - that can open up data repositories
  • a superuser - that can open up repository factories.

each repository contains various data types(text, images, etc etc).

We are looking for authentication methods that will allow us: 1. Scalability. 2. Customization. 3. To create permissions that will effect the GUI + deny access to certain pages. 4. To create predefined roles - that will allow for easy setup of new users. 5. To create custom roles for specific users - allowing them permission sets that are different from the predefined roles.

Thanks in advance

3
c#asp.netauthenticationforms-authentication
why do you need alternative, are you using mysql as back-end server - volody
@volody - i am looking for alternatives because asp.net build in security seems full of features i don't need, and i fear that it will waste a lot of our time on bugs and features we need that don't exist. - Eytan Levit

3 Answers

3
votes

What you are telling in this post is an exact description of the type of thing granted by the ASP.NET Membership system, why not use it?

1
votes

You can do everything you require using the built-in ASP.NET Membership, Roles, and Profile functionality. I recommend checking out Scott Mitchell's excellent series of articles on how to use and customize this functionality.

0
votes

It does sound like the existing framework would work, or that you could create a custom membership/roles provider to add some of the existing features you are looking for. It depends on the requirement details.