ASP.NET: Permission/authentication architecture

Question

I am looking into building an authentication in my ASP.NET application with the following requirements.

• A user has exactly one Role (i.e. Admin, S

Answer 1

I think one of the best implementations that I think will fulfill your requirements is documented here. The only issue is that this hooks into NHibernate, but you can use this as a template to create your own permissions implementation and simply hook into your own event model rather than that of NHibernates Interceptors.

I am working on such a system myself and will blog it once I am happy with it.