ASP.NET MVC User Authentication

I am using the Repository/Service pattern with a MVC 3 application.

My question is two fold:

1) Where do you manage the authentication at? In the service layer or in the MVC application itself?

2) Should I be using a custom membership provider a开发者_如何学JAVAnd forms authentication?

Thanks, Sam

In my case, I tend to create an authentication service that handles the logic for this.

In the actual application, I use Forms authentication, but calls to a custom service to handle the details. That way, I can reuse the authentication mechanism(s) for other applications, or trade them out to a different standard altogether, whatever is best.

The answer is always it depends,

1. Normally I delegate every tasks to Service Layer including authentication when MVC application is merely one of the many interfaces.
2. I think you should use it if it fits your requirement