I was just going through the new MVC Music Store tutorial at asp.net. One of the last steps is to add "Membership and authorization". The tutorial has me launch a configuration tool that doesn't seem to have anything to do with my site.
2 things:
If I am able to do 2 above and bypass the tool am I still allowed to use the annotations such as:
[Authorize(Roles = "Administrator")]
Tool may be ambiguous. I am referring to the ASP.Net Web Application Administration Tool. It's a blue and white web page with some tabs across the top (Home, Security, Application, Provider).
It works the same way as ASP.NET Membership and Roles have always worked, and in fact uses the same system. There are already tons and tons of questions here on the subject, and a quick google will also find tons of articles.
To be specific, the asp.net tool stores users in the database in the aspnet_* tables. Yes, you can bypass it and implement your own, though that isn't typically necessary. The asp.net tool is just a quick and easy tool to manage this process, and you will likely have to implement your own.
Yes, you can still use the AuthorizeAttribute.. again, it's all part of the generic Membership and Roles system provided by asp.net (which there is tons of information about).