WEB Site Administration Tool vs WEB.CONFIG For Security Administration

See more:

web

form

I'm totally new to the WEB Site Security model in the .Net Framework. It looks like I can assign access rules to users and/or roles using WEB.config or the WEB site administration tool. Or for that matter I could roll my ownusing the membership controls. The WEB site administration tool places/maintains entries in the ASPNET tables in my SQL Server tablesand does not create/change corresponding entries in my WEB.config file. If I make/change entries in my WEB.config file these changes do not affect my ASPNET tables. On balance I think maintaining my security/permissions within the ASPNET tables is a preferred approach. However this seems to require using the WEB site administration tool which will not be available after I deploy my application. My questions are: 1. Which is better? 2. How does the WEB.config file relate to the ASPNET tables? 3. If I use both, in a hybrid sort of approach, how would conflicts between the two be resolved? Thank you for any information you are willing to provide, it is definitely appreciated................Phil Hoop