ASP.NET: Permission/authentication architecture

Question

I am looking into building an authentication in my ASP.NET application with the following requirements.

• A user has exactly one Role (i.e. Admin, S

Answer 1

The membership API provided since ASP.NET 2.0 should suit your requirements well. The only thing I'm afraid it doesn't directly support is hierarchical roles. However you can easily use normal role based security with another manually written hierarchical roles table to achieve the required things.