http://ayende.comAyende @ RahienCopyright (C) Ayende Rahien 2004 - 2021 (c) 202660One of the little-known benefits of the MembershipAPI is that there is a very thorough administration section available for it up on codeplex: http://mywsat.codeplex.com/ Hunzonian, the author, really outdid himself putting that together and it has saved me a lot of time over the years. I have used it in a production MVC site since 2008. Recently I needed an admin section for an MVC site that uses Mongo so I made a port (the MyWSAT project is heavily tied to SQL Server - see project page for details): http://www.nuget.org/List/Packages/MongoWSAT It should be fairly straightforward to make a RavenDB version. If anyone wants to attempt it and would like pointers, hit me up via nuget or github. http://ayende.com/121857/system-users-and-application-users#comment7http://ayende.com/121857/system-users-and-application-users#comment7Sun, 30 Oct 2011 17:11:31 GMTJustin, I am looking forward to your sample. Are there any other good samples out there of integrating IPrincipal with MVC?http://ayende.com/121857/system-users-and-application-users#comment6http://ayende.com/121857/system-users-and-application-users#comment6Sun, 23 Oct 2011 19:25:54 GMT@Daniel Lang - keep well away from the evil Membership API. Ayende and Andrew summed it up nicely. In fact, when I get a chance, I'll try and complete my facebook integration/authorization into RavenOverflow so you can see how you can have _application users_ in an application, easily and without having to have passwords also. watch this space (in a week or so).http://ayende.com/121857/system-users-and-application-users#comment5http://ayende.com/121857/system-users-and-application-users#comment5Tue, 18 Oct 2011 22:50:53 GMTAyende and Andrew, thanks, I see your point. I will take a look at implementing IPrincipal instead or writing a custom authorization filter. http://ayende.com/121857/system-users-and-application-users#comment4http://ayende.com/121857/system-users-and-application-users#comment4Tue, 18 Oct 2011 11:17:47 GMTThe membership API is pretty awful. The cons really do outweigh the pros... Daniel - you can just implement IPrincipal to get the out-of-the-box Authorize attribute to work. I usually do this and use forms authentication vs using the membership provider.http://ayende.com/121857/system-users-and-application-users#comment3http://ayende.com/121857/system-users-and-application-users#comment3Tue, 18 Oct 2011 11:08:49 GMTDaniel, It is a huge API, it makes a lot of assumptions and it is really not nice to work with in terms of what it gives you and what you have to implementhttp://ayende.com/121857/system-users-and-application-users#comment2http://ayende.com/121857/system-users-and-application-users#comment2Tue, 18 Oct 2011 11:05:35 GMTAyende, what is the problem with the membership API? I find it quite useful to implement at least a few methods of both providers, so that the Authorize attribute works on controllers and actions.http://ayende.com/121857/system-users-and-application-users#comment1http://ayende.com/121857/system-users-and-application-users#comment1Tue, 18 Oct 2011 10:58:56 GMT