MVC 4.0身份认证杂篇

1. MVC 4.0使用了缺省SimpleMembership, SimpleMembershipProvider is an implementaiton of an ExtendedMembershipProvider, which inherits from MembershipProvider and adds some other account / OAuth related things。并且用facade模式包装成了webSecurity类，这个SimpleMembership可以读取自定义的users表，只要初始化函数就可以

WebSecurity.InitializeDatabaseFile("SecurityDemo.sdf", "Users", "UserID", "Username", true);

参数分别代表：数据库名称或连接串，表名，ID字段名，username字段名，是否自动创建其它表

参考：http://weblogs.asp.net/jgalloway/archive/2012/08/29/simplemembership-membership-providers-universal-providers-and-the-new-asp-net-4-5-web-forms-and-asp-net-mvc-4-templates.aspx

2. If your forms authentication ticket needs to

be shared between applications using an older versions of the .NET framework, you must explicitly configure your .NET 4.5 apps to use the earlier machine compatibility modes, or they will not be able to encrypt/decrypt the forms authentication ticket.

In your .net 4.5 appication's web.config

<system.web><machineKey compatibilityMode="Framework20SP2"/></system.web>

This will allow your .NET 4.5 apps to work with forms authentication tickets generated by earlier .NET versions.

Note: If any of your servers do not have .NET Framework 2.0 SP2 installed, you will need to set the compatibility mode to "Framework20SP1" instead.

MSDN - MachineKeySection.CompatibilityMode Property