Re: Add extra parameter to Login/Membership - ASP 2.0

From: David Sack (dsackNoSpam_at_NoSpamwp-int.com)
Date: 10/25/05 

Date: Tue, 25 Oct 2005 08:13:38 -0400

  Something kind of clicked when I thought about this after the fact. As
far as I can tell the ApplicationID is set from the Web.Config file. If I
were to create application directories under my home directory that had a
different ApplicationID specified then create a login form on that directory
that would redirect on a successful login the the main menu page in the
parent web directory it would used the sub applications authentication to
allow access based upon the ApplicationID.

  I have tested it quickly and it seems to work. I don't know how it will
affect overall security or the use of roles? I would also have the create a
sub-application login directory for each unique site that would be accessing
the site. That could turn into a pain.

  Let me know what you think?

Thanks again,
Dave
"Dominick Baier [DevelopMentor]" <dbaier@pleasepleasenospamdevelop.com>
wrote in message news:4256546011e8cd8c7a72e63bf10ca@news.microsoft.com...
> Hello David,
>
> can you "misuse" the ApplicationName for that??
>
> otherwise i guess you need a custom provider.
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
>> I hope can explain this properly. I have a time keeping site that
>> host multiple companies data in a single database. I would like the
>> logins to be unique for each company but not across the entire site
>> (i.e. I could have two jsmith logins as long as they are with seperate
>> companies).
>>
>> I would like to add a drop down box to the login that allow the user
>> to select the company that they are with. By adding a "site" column
>> to the users table I would be able to partition the users so that they
>> would be authenticated only against the id that has a "site" that
>> matches theirs.
>>
>> Does this require creating a custom membership provider? I have
>> written my own authentication routines in the past and can do so for
>> this projects but I would really like to leverage the existing
>> membership/role capablility of ASP2. I'm not sure that I have the
>> skills needed to write a custom membership provider. I just want to
>> make sure that I wasn't missing anything.
>>
>> Thanks
>> Dave
>
>

Relevant Pages

  • Re: Add extra parameter to Login/Membership - ASP 2.0
    ... Hadn't thought about the re-writing of the controls beyond the Login ... > this is fine for Membership - but the role provider, ... > want to teach the login control the trick (without templating and ... >> As far as I can tell the ApplicationID is set from the Web.Config ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Add extra parameter to Login/Membership - ASP 2.0
    ... i think a provider will not work at all for you ... ... to teach the login control the trick (without templating and basically rebuilding ... > As far as I can tell the ApplicationID is set from the Web.Config ... > the create a sub-application login directory for each unique site that ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: some stuff private
    ... Protect the directory in windows. ... Now, if a regular login page is not an option, you can ... either use a custom Membership provider, or you can fake it by using the ... You have the ability to log someone in without them supplying credentials. ...
    (microsoft.public.dotnet.framework.aspnet)