Is custom membership provider the thing that really worth to follow?
See the question and my original answer on StackOverflowSome advantages of the ASP.NET membership provider API:
- You don't have to reinvent the wheel. New comers on your project will be familiar with a well-known API.
- There are already implementations (SQL Server, Active Directory mostly) available you can re-use or start from.
- It's visually integrated with ASP.NET (Login Controls, etc.)
- You can use the built-in ASP.NET administration tool to create users & roles (it's in fact a good way to check your provider works fine, as it should work with the tool)
- It can be integrated with the .NET (not only ASP.NET) Identity / Principal classes, and can be used to support the PermissionAttribute system (with the associated Role Provider). Although it technically lives in System.Web.dll, you can in fact use it in non-web systems.
- One last thing but quite interesting: you can also use ASP.NET membership providers in WCF services