All greetings Anyone can do their implementation Authorization system? Do not use the Membership API?
Of course we could implement custom providers to plug a different database into this framework, as detailed at MSDN, but if my application is going to use a repository pattern for data access, and I’m going to have specific controllers and views for creating/editing users, why should membership and authorization be routed through this other framework?
If yes: I'm just interested in how not to make holes in security. Use FormsAuthenticationTicket? How about IPrincipal?
Maybe you have some example or project on codeplex.com on other Authorization/Authentication