什么是在ASP.NET MVC用户授权/认证？

What is the best method for user authorisation/authentication in ASP.NET MVC?

我看到真的有两种方法：

I see there are really two approaches:

我倒是preFER第二个选项，因为用户是我的域模型的一部分​​（和我的零的经验与ASP.NET的内置的东西），但我真的喜欢听什么人一直在做这方面的。

I'd prefer the second option, because User is part of my domain model (and I have zero experience with ASP.NET's built-in stuff), but I'd really like to hear what people have been doing in this area.

推荐答案

其实是有第三种方法。在asp.net会员功能基于提供者模型。你可以写一个自定义的供应商，从而能够提供自己的实现数据是如何存储，但保留多少asp.net成员的利益。

There is actually a third approach. The asp.net membership functionality is based on the provider model. You can write a custom provider, thus being able to provide your own implementation for how the data is stored, but retaining much of the benefit of asp.net membership.

关于这个问题的一些文章：

Some articles on the subject:

http://msdn.microsoft.com/en-us/library/f1kyba5e.aspx

http://www.asp.net/learn/videos/video-189.aspx

http://www.15seconds.com/issue/050216.htm

http://davidhayden.com/blog/dave/archive/2007/10/11/CreateCustomMembershipProviderASPNETWebsiteSecurity.aspx