Hopefully I can add some additional clarity over the other answers as they really don't explain what's going on which isn't going to help your confusion.
First up, implement your custom provider which from the sound of things you've done already, so I'll just throw up a little code snippet and won't go into any further detail here:
using System.Web.Security;
public class MyCustomMembershipProvider : MembershipProvider
{
public override bool ValidateUser(string username, string password)
{
if (username.Equals("BenAlabaster") && password.Equals("Elephant"))
return true;
return false;
}
/* Override all the other methods required to extend MembershipProvider */
}
Then you configure your provider in your web.config making sure to populate the attributes that configure the base MembershipProvider:
<membership defaultProvider="MyCustomMembershipProvider">
<providers>
<clear />
<add name="MyCustomMembershipProvider"
type="MyNamespace.MyCustomMembershipProvider"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="10"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
applicationName="/" />
</providers>
</membership>
The next bit I think you're overthinking, the actual tie-in to your web application. Whereas in a WebForms app you kind of have to code the rest for yourself - the MVC framework does the rest for you - all you need to do is add the [Authorize] attribute to your action method and the framework will check to see if you're logged in, and if not redirect you to the login page. The login page will find your custom provider because that's what's configured in the web.config and will log your user in. You can access information about the logged in user from your controllers by referencing the User object:
public class WhateverController : Controller
{
[Authorize]
public ActionResult WhateverAction()
{
ViewData["LoggedInAs"] = string.Format("You are logged in as {0}.", User.Identity.Name);
Return View();
}
}
So this action requires that the user is logged in and presents the user information to the Whatever/WhateverAction.aspx view to be displayed on the page.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…