One membership provider for many applications

Question

Just like "Log in with StackExchange", I expect that StackExchange have a custom membership provider to be used for many applications.

I have many web applications, subjected to extend and i would like to have one database and a shared membership application to handle Login, Registration, profile and Role-based membership management.

After some research, I also found that using a WCF Service to handle this implementation would be a good idea.

I am just trying to get a feel of it before I go ahead with any application, and if there is any open source projects or even resources, I would prefer not to reinvent the wheel.

Could anyone tell me how could it be implemented?

Answer 1

There are several options available to you - the ASP.NET Membership Provider connected to a shared membership database, WCF Authentication Services, or OAuth.

ASP.NET Membership Provider

This doesn't have to be a custom membership provider - the standard SqlMembershipProvider model will cover your requirements, as long as each site can access the shared database. See here : http://msdn.microsoft.com/en-us/library/ms731049%28v=vs.110%29.aspx

WCF Authentication Services

If connecting to a shared database is not an option, then yes, WCF Authentication Services are available to you. WCF already gives you lots of pre-built code, so you wouldn't be reinventing the wheel. See here for specific code examples:

Walkthrough: Using ASP.NET Application Services

How to: Enable the WCF Authentication Service

How to: Customize User Login When Using the WCF Authentication Service

How to: Use Non-default Membership Provider for WCF Authentication Service

How to: Customize the Authentication Cookie from the WCF Authentication Service

OAuth

OAuth is a big topic, and a big opinion splitter. Have a read of this introductory article on MSDN. You may also want to consider a pre-built .NET OAuth library - see this one : http://oauth.net/code/