ASP.NET offers some simple tools for handling user authentication and role-based authorization. But, what happens when you are dealing with a legacy database? How about when you need more than just role-based authentication or permissions management? If you try to stay within the ASP.NET Membership provider model, you can wind up with a big mess, but there are also some very useful features you don’t want to give up. This talk will show you how you can use the best of ASP.NET FormsAuthentication with simple, clean customization that will keep your web app secure, while allowing you the flexibility to handle user information in whatever way works for your business needs.
Brian Donahue is a software developer with 10 years experience with a variety of web application platforms, focusing recently on ASP.NET. He was recently awarded a Microsoft MVP award in the C# language. As an organizer of the Philly ALT.NET user group (http://phillyalt.net and @phillyaltnet on Twitter), Brian tries to promote best practices and design principles proven throughout the software industry, and encourage continuous learning and improvement in the .NET developer community. His consulting company, Vitreo Solutions ( www.vitreosolutions.com), builds custom business software for its clients.