We've got an existing ASP.NET web application that already uses a home-grown role based authentication system. Each user has a role and that role is actually a fully realized class in itself. It still boils down to a pretty standard set of roles (user, administrator, owner, etc).
Now we're starting up a new ASP.NET MVC project that uses the same core libraries including the existing users and roles. I'd like to use the built in functionality for role based authorization like:
[Authorize(Roles="administrator")]
We've already modified the default login behavior to check against our existing database of users/passwords and now we need to figure out how best to integrate the roles. Does anyone have any points for the best/simplest solution this? Am I going to have to override OnAuthorization or is there a better way to do this?