Reputation: 38228
Advantage of implementing my own role based authorization instead of using Membership?
I read this article here http://www.codeproject.com/KB/web-security/RolesFormsAuthorization.aspx
What is the limitation of Membership that would require me to implement my own ?
Upvotes: 0
Views: 246
Answers (2)
Reputation: 33128
The primary limitation is using the arbitrary database design of the Membership provider along with being relegated to the Membership API.
I have always found the membership provider API to be kludgy (at best) and the database design it requires to work out of box to be atrocious. I have never once used the builtin membership to fruition ... I think ever but absolutely not in any application I have in production.
So to sum it up, the primary reason to not use the membership provider out of box is the database design will not match your design and you will have a hell of a time trying to use your application database + membership database together or you will have a large amount of insidious data duplication of users, ASP.NET user vs application user.
Upvotes: 1
Reputation: 819
Personally I've found the standard membership provider extreamly flexible. But one reason could be to allow your website to authenticate users against a legacy database containing usernames and passwords created by a different system, or to authenticate against a web service.
Upvotes: 1
Related Questions
- Is *not* using the asp.net membership provider a bad idea?
- Should i use Role based Authentification?
- Why should I use ASP.NET Membership security model?
- Using Membership rather than just creating your own class
- ASP.NET Membership: to be or not to be?
- ASP.NET Membership advantages
- ASP.NET Role Provider vs Membership Provider
- Is it worth using ASP.NET's membership/role provider model if you're doing a completely homebaked implementation?
- Cons of ASP.NET memberships roles and authentication?
- What are the advantages of a custom MembershipProvider in ASP.NET?