I have a client who needs to integrate custom authentication into a MVC website.
Where in ASP.NET MVC (or core) should I implement the following tasks:
- Authentication
- Conversion of JSON claims to ASP.NET claims
- RBAC membership
- ?????
Possible approaches:
I could have a HTTP Post to
/controller/login, create the auth cookie, and have the client use that as described hereI could use a HTTPHandler to validate incoming calls to each controller. . One thing I like about this approach is that I can (or think I can) choose a different authentication policy per controller.
I could use a HTTP Module as described here and here
I'll be grateful for any assistance (or tips) you can provide in helping me building the right implementation
custom authenticationDo you mean you want to use existing database with custom tables instead of ASP.Net Identity?