3

We are converting a major.NET 2.0 project to MVC, we were learning MVC 4 and since MVC 5 is already out, we figured we might as well move straight to MVC 5 since it offers attribute based routing out of the box and .NET 4.5 seems like the platform to develop some chat features we were thinking about using SignalR.

The confusing part for us now is that there are so much information since .NET 2.0 regarding say membership

From research, we saw

  • Simple Membership
  • Universal Membership
  • Identify Membership (1.0, and then 2.x?? what?)

So boils down to one simple question, is ASP.NET Identity THE thing to learn regarding membership when we redesign the app in MVC 5? Simpler Membership / Universal, we can just completely ignore them right?

Sorry all, I'm just really late to the MVC game and I'm trying to catch up. A bit (actually completely) overwhelmed by different articles all talking about different things.

Thanks.

Liming
  • 1,641
  • 3
  • 28
  • 38
  • you need to ask yourself what are you going to use it for and compare benefits – cpoDesign Feb 12 '14 at 21:47
  • It is overwhelming and confusing. This [question](http://stackoverflow.com/questions/21207246/asp-net-identity-vs-simple-membership-pros-and-cons) has lots of good links. You really need to see what features you need _now_ and if you are willing to wait for Identity to mature. Seeing how many new membership APIs MS has given us, waiting is a gamble. – Jasen Feb 12 '14 at 21:55
  • 3
    I know it's probably been said before, but I doubt Microsoft is going to replace Identity. It was specifically designed from the ground up to be flexible and modular with support for claims-based authentication. No previous authentication scheme Microsoft has developed has been so, which is why they needed to be replace. That said, Identity is still very new. It's feature complete from what I can tell (I'm using it), but the documentation and online resources are still lacking. Long and short, Identity is the future, but right now it's not for the faint of heart. – Chris Pratt Feb 12 '14 at 22:06
  • Thanks Jason and Chris. I was happy with what .NET 2.0 membership provided and we had our own additional member tables for other information. Looks like Identity will be the way to move forward. We were late in catching up, so we rather start early this round instead of always play catch up. – Liming Feb 14 '14 at 02:06

1 Answers1

1

Take a step back and realize what all these "solutions" are doing. They are helping you create an identity in ASP.NET and help manage cookies on the client. When you think about it that way you will realize that you need very little to build a good authentication scheme. I always leverage what is in ASP.NET in regards to principal and cookie management, but ignore the database stuff and just implement it myself.

I wrote this post that I hope will help you. You will realize there really isn't much too authentication.

http://www.khalidabuhakmeh.com/asp-net-mvc-5-authentication-breakdown-part-deux

This article was recently listed on the asp.net community site. :)

Khalid Abuhakmeh
  • 10,709
  • 10
  • 52
  • 75
  • Thanks @khalid, excellent article and greatly appreciate the read. and thanks Jasen and Chris. We were happy with just the default .NET 2.0 Membership, but looks like Identity will be the way forward with support for claim based authentication in case we go mobile. Thanks all for helping me clear the road blocks and move forward. – Liming Feb 14 '14 at 02:04