We've sampled only some of the new security capabilities in ASP.NET 2.0. The Membership and Role Manager features are specifically designed to solve problems the ASP.NET team saw developers addressing over and over again. Although both complement and can be used easily with Forms Authentication, they were also designed to work independentlyindependently of one another and independently of Forms Authentication. Furthermore, both support the provider design pattern. This design pattern allows you to take complete control over how and where the data used for these features is stored. The provider design pattern gives you ultimate control and flexibility, because you can control the business logic, while developers can learn a simple, friendly, and easy-to-use API.
Although writing code using Membership has become more concise, there are also now cases where no code is required. The new security server controls make many scenarios, such as login or password recovery, much easier to implement. The other security-related server controls simply save you the time formerly required to write code to perform simple tasks such as checking who is logged in.
Finally, the Web Site Administration Tool provides a simple way to administer site security without building custom tools.
Now it's time to extend the topic of users interacting with a site and look at how sites can be personalized.