Re: Add extra parameter to Login/Membership - ASP 2.0
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 10/28/05
- Next message: Colin Peters: "IsInRole problem"
- Previous message: genc_ymeri: "converting ASP.Net session type to an ASP one"
- In reply to: David Sack: "Re: Add extra parameter to Login/Membership - ASP 2.0"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 Oct 2005 23:21:04 -0700
Hello David,
in fact, it is easier than i thought -
you can subclass the providers and just override the ApplicationName property
- in the getter you can dynamically fetch the ApplicationName as all of the
provider methods use the property only.
you could e.g. set Context.Items["appname"] to your app/client name before
calling the ValidateUser method (via the login control) - and read it in
the getter again
there may be some testing involved to get that right for the RoleManager..but
i think this will work.
Again - if it makes more sense to tweak the providers vs. building your own
stuff - you decide.
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
> Hadn't thought about the re-writing of the controls beyond the Login
> control. I think that you are correct, It will be more work
> adjusting the existing membership provider and others then just
> creating what I need specifically for this application. Thanks so
> much for the input it was of great value. BTW. I had a chance to
> take a look at your web site, great stuff.
>
> Thanks
> Dave
> "Dominick Baier [DevelopMentor]"
> <dbaier@pleasepleasenospamdevelop.com> wrote in message
> news:4256546011f7e78c7a79e4ac63c1a@news.microsoft.com...
>
>> Hello David,
>>
>> this is fine for Membership - but the role provider, or more
>> specifically the RoleManagerModule is called on every request in your
>> local application. It subscribes to PostAuthenticateRequest in the
>> HTTP pipeline to get the roles for the user and sets Context.User.
>> This will pick up the ApplicationID of your local application.
>>
>> so i think this will not work...
>>
>> To be honest, i think a provider will not work at all for you ...
>>
>> Let's say you have written your own provider witch a new ValidateUser
>> method that takes an additional application name as parameter - how
>> do you want to teach the login control the trick (without templating
>> and basically rebuilding it) ??
>>
>> Well - you could subclass the SqlMembershipProvider and add a
>> ApplicationName property that you set on Application_Start e.g. - not
>> a perfect solution - but again this means you have to override
>> ValidateUser and quite a number of other methods.
>>
>> On the other hand - if you don't use the new security controls - why
>> would you go through the hassle of building a provider - most
>> probably you'll only need 60% of the functionality.
>>
>> So why not simply go for your own compact authentication library that
>> does exactly what you want - deploy it in the GAC and use it from all
>> your apps??
>>
>> providers are no panacea (unfortunately).
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> Something kind of clicked when I thought about this after the fact.
>>> As far as I can tell the ApplicationID is set from the Web.Config
>>> file. If I were to create application directories under my home
>>> directory that had a different ApplicationID specified then create a
>>> login form on that directory that would redirect on a successful
>>> login
>>> the the main menu page in the parent web directory it would used the
>>> sub applications authentication to allow access based upon the
>>> ApplicationID.
>>> I have tested it quickly and it seems to work. I don't know how it
>>> will affect overall security or the use of roles? I would also have
>>> the create a sub-application login directory for each unique site
>>> that would be accessing the site. That could turn into a pain.
>>>
>>> Let me know what you think?
>>>
>>> Thanks again,
>>> Dave
>>> "Dominick Baier [DevelopMentor]"
>>> <dbaier@pleasepleasenospamdevelop.com>
>>> wrote in message
>>> news:4256546011e8cd8c7a72e63bf10ca@news.microsoft.com...
>>>> Hello David,
>>>>
>>>> can you "misuse" the ApplicationName for that??
>>>>
>>>> otherwise i guess you need a custom provider.
>>>> ---------------------------------------
>>>> Dominick Baier - DevelopMentor
>>>> http://www.leastprivilege.com
>>>>> I hope can explain this properly. I have a time keeping site that
>>>>> host multiple companies data in a single database. I would like
>>>>> the logins to be unique for each company but not across the entire
>>>>> site (i.e. I could have two jsmith logins as long as they are with
>>>>> seperate companies).
>>>>>
>>>>> I would like to add a drop down box to the login that allow the
>>>>> user to select the company that they are with. By adding a "site"
>>>>> column to the users table I would be able to partition the users
>>>>> so that they would be authenticated only against the id that has a
>>>>> "site" that matches theirs.
>>>>>
>>>>> Does this require creating a custom membership provider? I have
>>>>> written my own authentication routines in the past and can do so
>>>>> for this projects but I would really like to leverage the existing
>>>>> membership/role capablility of ASP2. I'm not sure that I have the
>>>>> skills needed to write a custom membership provider. I just want
>>>>> to make sure that I wasn't missing anything.
>>>>>
>>>>> Thanks
>>>>> Dave
- Next message: Colin Peters: "IsInRole problem"
- Previous message: genc_ymeri: "converting ASP.Net session type to an ASP one"
- In reply to: David Sack: "Re: Add extra parameter to Login/Membership - ASP 2.0"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
