Are there other standards for user authorization / permission other than the standard Role-based access control implemented by Microsoft for .NET technologies?
Are there other standards for user authorization / permission other than the standard Role-based access control implemented by Microsoft for .NET technologies?
By Microsoft, there are basically 3 ways to design pattern for permissions:
The most widespread pattern is Role-Based , precisely because until the emergence of ASP.NET Identity the default using up MVC4 was Membership and its variants Simple Membership , Extended Membership
It depends on the technology you are using. If you are using MVC, I would suggest you customize a class and specify the roles, for example the AuthorizeAttribute class (System.Web.Mvc).
This link explains it right and has some examples: