c# – ASP.NET MVC 3 Authentication and Authorization



I am creating a site using ASP.NET MVC 3. At the moment, I got to implementing the site admin access rights. Many of the tutorials and examples I've looked at use an out-of-the-box solution based on the Web Site Administration Tool that uses their generated tables. I would like to create my own admin permissions logic with my own database. To do this, I need to create a data model class and a controller that will manage this model. Can anyone help with this issue?


It's about Windows Forms Authorization.

In short, you need to implement your classes inherited from the abstract MembershipProvider and RoleProvider , which are responsible for users and roles in this authorization model, respectively.

In the created classes, override only the necessary methods and properties.

Overlapping methods will allow you to use your own database structure.

The created providers must be specified in the site config in the membership and roleManager sections, following the example of the entries already existing there.

You can also customize the ProfileProvider to work with user profiles.

Simple example of MembershipProvider implementation:

public class SiteMember
    public string UserName { get; set; }
    public string Password { get; set; }

public class SimpleMembershipProvider : MembershipProvider {

    private static List<SiteMember> Members = new List<SiteMember> {
        new SiteMember { UserName = "MyUser", Password = "MyPass" }

    public override bool ValidateUser(string username, string password) {
        return Members.Exists(m => (m.UserName==username)&&(m.Password==password));
Scroll to Top