Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What are the advantages of a custom MembershipProvider in ASP.NET?

Tags:

asp.net

If I need to implement my own MembershipProvider class, I have to implement all the services I require myself, so what advantage do I gain by implementing a MembershipProvider derived class versus just writing my own MySecurity class?

like image 349
ProfK Avatar asked Mar 29 '09 20:03

ProfK


People also ask

What is membership provider in asp net?

The ASP.NET membership provider is a feature that enables ASP.NET developers to create Web sites that allow users to create unique user name and password combinations. With this facility, any user can establish an account with the site, and sign in for exclusive access to the site and its services.

Which namespace contains the membership provider class?

Web. Security namespace includes a class named MembershipUser that defines the basic attributes of a membership user and that a membership provider uses to represent individual users.

What is membership configuration?

Membership configuration is where default settings are defined for the Membership module of the agency websites.

Can we use membership in .NET core?

MemberShip is not compatible in asp.net core, so you cannot use it. If you don't want to migrate the database schema, you can use Identity instead.


1 Answers

Getting an authentication system right is hard, because it's so easy to build something that only appears to work. You don't want to find yourself in a situation where a year after deployment you finally discover your system was cracked six months previously.

Building your system using the MembershipProvider model helps you do it right by giving you a skeleton that lends itself to being implemented correctly. You only need to accurately fill in a set of methods, and you can rely on the high-level architecture provided to make sure you are using the right methods in the right places.

Getting individual method implementations done right is comparatively easy. You can put those into your unit test and have confidence that they do what they are supposed to.

Put another way, you don't have to worry about whether you check your authentication token in the right places. The parts of ASP.Net that call into the membership provider know when to do that. All you have to do is correctly implement the check, and that normally comes down to a simple comparison.

Additionally, you may not need to start from scratch. You have to option to inherit from an existing provider and only add the functionality you want that it doesn't already provide.

like image 139
Joel Coehoorn Avatar answered Nov 03 '22 02:11

Joel Coehoorn