I am starting to build a SaaS business application in ASP.NET MVC2, but before starting, I want to create a good architecture foundation.
I am going to use a common database and a common approach to the scheme, because the data architecture and business logic will be quite simple, and efficiency and cost-effectiveness will be key issues.
To ensure reliable data isolation between tenants, I would like to implement the Tenant View filter security template (see here ). To do this, my application must personify different tenants (database login) based on the user who is included in the application. The process of logging in should be as simple as possible (it will not be enterprise-class software) - therefore, the client should enter only his username and password.
Users will gain access to their data through their own subdomain (using routing subdomains), for example http://tenant1.myapp.com or http://tenant2.myapp.com
What is the best way to execute this scenario?