Does FluentSecurity replaces Asp.Net membership provider or it's supposed to complement/work together with it?
https://stackoverflow.com/questions/10164717
-
31-05-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm working on an Asp.Net MVC4 site and I wanted to create a membership provided backed by Redis. Since I need the user privileges to be dynamic - user can create new roles in the admin dashboard - I was considering on using FluentSecurity (fluentsecurity.net) in the way explained in this SO question ASP.NET MVC3 Role and Permission Management -> With Runtime Permission Assignment.
So, my question is: Does FluentSecurity replaces Asp.Net membership system (or custom ones based on the membership provider pattern) or is it meant to augment it?
Solution
Fluent Security does not the authentication, just the authorization.
It augments it by replacing the built in Authorize attribute with one of its own. So it uses the identity attached to a thread, and that identity can be put there by the ASP.NET membership provider, by NT authentication, by WIF or whatever else you want to use.
