Re: Add extra parameter to Login/Membership - ASP 2.0

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 10/25/05

  • Next message: David Sack: "Re: Add extra parameter to Login/Membership - ASP 2.0" 
    Date: Tue, 25 Oct 2005 08:11:37 -0700

    Hello David,

    this is fine for Membership - but the role provider, or more specifically
    the RoleManagerModule is called on every request in your local application.
    It subscribes to PostAuthenticateRequest in the HTTP pipeline to get the
    roles for the user and sets Context.User. This will pick up the ApplicationID
    of your local application.

    so i think this will not work...

    To be honest, i think a provider will not work at all for you ...

    Let's say you have written your own provider witch a new ValidateUser method
    that takes an additional application name as parameter - how do you want
    to teach the login control the trick (without templating and basically rebuilding
    it) ??

    Well - you could subclass the SqlMembershipProvider and add a ApplicationName
    property that you set on Application_Start e.g. - not a perfect solution
    - but again this means you have to override ValidateUser and quite a number
    of other methods.

    On the other hand - if you don't use the new security controls - why would
    you go through the hassle of building a provider - most probably you'll only
    need 60% of the functionality.

    So why not simply go for your own compact authentication library that does
    exactly what you want - deploy it in the GAC and use it from all your apps??

    providers are no panacea (unfortunately).

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Something kind of clicked when I thought about this after the fact.
    > As far as I can tell the ApplicationID is set from the Web.Config
    > file. If I were to create application directories under my home
    > directory that had a different ApplicationID specified then create a
    > login form on that directory that would redirect on a successful login
    > the the main menu page in the parent web directory it would used the
    > sub applications authentication to allow access based upon the
    > ApplicationID.
    >
    > I have tested it quickly and it seems to work. I don't know how it
    > will affect overall security or the use of roles? I would also have
    > the create a sub-application login directory for each unique site that
    > would be accessing the site. That could turn into a pain.
    >
    > Let me know what you think?
    >
    > Thanks again,
    > Dave
    > "Dominick Baier [DevelopMentor]"
    > <dbaier@pleasepleasenospamdevelop.com>
    > wrote in message
    > news:4256546011e8cd8c7a72e63bf10ca@news.microsoft.com...
    >> Hello David,
    >>
    >> can you "misuse" the ApplicationName for that??
    >>
    >> otherwise i guess you need a custom provider.
    >> ---------------------------------------
    >> Dominick Baier - DevelopMentor
    >> http://www.leastprivilege.com
    >>> I hope can explain this properly. I have a time keeping site that
    >>> host multiple companies data in a single database. I would like the
    >>> logins to be unique for each company but not across the entire site
    >>> (i.e. I could have two jsmith logins as long as they are with
    >>> seperate companies).
    >>>
    >>> I would like to add a drop down box to the login that allow the user
    >>> to select the company that they are with. By adding a "site" column
    >>> to the users table I would be able to partition the users so that
    >>> they would be authenticated only against the id that has a "site"
    >>> that matches theirs.
    >>>
    >>> Does this require creating a custom membership provider? I have
    >>> written my own authentication routines in the past and can do so for
    >>> this projects but I would really like to leverage the existing
    >>> membership/role capablility of ASP2. I'm not sure that I have the
    >>> skills needed to write a custom membership provider. I just want to
    >>> make sure that I wasn't missing anything.
    >>>
    >>> Thanks
    >>> Dave

  • Next message: David Sack: "Re: Add extra parameter to Login/Membership - ASP 2.0"

    Relevant Pages

    • Re: Add extra parameter to Login/Membership - ASP 2.0
      ... Hadn't thought about the re-writing of the controls beyond the Login ... > this is fine for Membership - but the role provider, ... > want to teach the login control the trick (without templating and ... >> As far as I can tell the ApplicationID is set from the Web.Config ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: Add extra parameter to Login/Membership - ASP 2.0
      ... far as I can tell the ApplicationID is set from the Web.Config file. ... different ApplicationID specified then create a login form on that directory ... sub-application login directory for each unique site that would be accessing ... >> skills needed to write a custom membership provider. ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: Forms Based Auth Problem -WSS3.0
      ... admin if you have enabled forms based auth (This is the only reason I ... Your application must have custom login functionality ... Event message: Membership credential verification failed. ... Role provider, Profile provider etc.) must have the same value. ...
      (microsoft.public.sharepoint.windowsservices)
    • I feel it makes sense NOT to use custom membership & role providers
      ... We have tables of logins, that differs much from standard ... I've decided to make custom login control and NOT to use custom ... membership provider and role provider. ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: Forms Based Auth Problem -WSS3.0
      ... When I try and login it states access ... Your application must have custom login functionality ... Event message: Membership credential verification failed. ... Role provider, Profile provider etc.) must have the same value. ...
      (microsoft.public.sharepoint.windowsservices)