We are developing a web app that will have a pretty complex user and permission system.
The general idea is that we have 3 levels of security:
- a simple user – that can only access basic data that is in a data repository
- a manager – that can open up data repositories
- a superuser – that can open up repository factories.
each repository contains various data types(text, images, etc etc).
We are looking for authentication methods that will allow us:
1. Scalability.
2. Customization.
3. To create permissions that will effect the GUI + deny access to certain pages.
4. To create predefined roles – that will allow for easy setup of new users.
5. To create custom roles for specific users – allowing them permission sets that are different from the predefined roles.
Thanks in advance
You can do everything you require using the built-in ASP.NET Membership, Roles, and Profile functionality. I recommend checking out Scott Mitchell’s excellent series of articles on how to use and customize this functionality.