All geek questions in one place

Thinking of breaking my idea of ​​creating a custom membership and role provider. Opinions?

I have a web application that I am creating in ASP.NET that has the following security requirements:

  • It should be possible to integrate with the basic authentication scheme, which transfers a unique key to the application to indicate that the user has registered through a third-party site.
  • Must be able to use existing user / role tables.
  • It can use forms authentication and allow users to log in through a separate login page if they are not members of a third-party site.

I tried to configure the roles of SQL and Membership Providers, but I'm having problems, especially because there is a strongly typed MembershipUser object with a unique identifier (providerKey) and there is no place for my own set of keys (there will be two) that identify users.

Should I abandon my user membership provider implementation and just go with cookies / session? I would really like to use the built-in functions, but that doesn't seem doable.

+3
source share
3 answers

, 1 , . . , .

ASP.NET , DotNetNuke, .

+1

, ASP.NET 2.0 .

0

. IMembershipService , -.

. . .

. .. .

FormsAuthentication .

Most systems that rely on asp.net membership provider are truly schizophrenic. You will have 2 user tables, for example, in CommunityServer you have aspnet_users and cs_Users, where cs_Users refers to MemberhipId aspnet_users and where it enters another UserId. It also displays username, etc.

0
source

Source: https://habr.com/ru/post/1706753/

More articles:


All Articles