Kassem Hi everyone, So I finally realized I could actually use FormsAuthentication without having to use the Membership API. I felt stupid for wasting too much time trying to create my own session management and authentication systems but it was good to know that I could use FormsAuthentication after all... Anyway, I'm still not so sure about a few things... 1. If I want to implement a Remember Me feature, all I have to do is set the IsPersistent property of the FormsAuthenticationTicket to true? 2. If I'm not using the built-in Membership API and using my own instead. In order to be able to use the Authorize attribute, I need to override the Roles property (in a class that inherits Authorize I mean), right? Are there any other methods/properties I need to override to get it to work like it does with the Membership API?
ali-koubeissi Hello Kassem, 1 - Yep, that's about it. 2 - No idea =). Why aren't you using the built-in Membership provider?
xterm ali.koubeissi wroteWhy aren't you using the built-in Membership provider? My guess is that it's quite simplistic. Have you had success incorporating it into a large scale application ?
Kassem Just like xterm said. It's quiet simplistic and I doubt it would fit the needs of ANY project. The only way you can actually use it is by hacking around it: use it as infrastructure that does all the plumbing for you. I thought why in the hell would I want to do that? I'd rather keep my database schema as simple and normalized as possible rather than adding a bunch of tables I know nothing about and most likely wouldn't need. Add to that, I'm actually using EF 4.1 Code First as my ORM which generates the database on the fly, so using the Membership API is going to be very problematic. I built everything from scratch and I'm quiet happy about it so far, but I still need to test my custom Authorize attribute because I really wouldn't want to lose the ability to decorate my Action Methods with an attribute just because I'm not using Microsoft's Membership API.