RE: Different password policies for different roles
- From: stcheng@xxxxxxxxxxxxxxxxxxxx (Steven Cheng[MSFT])
- Date: Mon, 12 Mar 2007 03:38:56 GMT
Hello Henrik,
From your description, you're using the ASP.NET 2.0 membership service tosecure your web application, and there are two groups of users in your
application, you want each group users have their own password
strength-requirement policy, correct?
As you have found, by default, each ASP.NET membership provider has a set
of settings(include "minRequiredPasswordLength" and
"minRequiredNonalphanumericCharacters"). However, we can not apply
multiple such settings for a single provider.
So far based on my research, you can consider the following two options:
1. Still use single membership provider in your application, and set the
password related policy to the loosest level. And in your application page
UI, you can programmatically do password policy assurance checking. For
example, in user creation, page, you can use different policy assert code
logic to validate the password user entered according to their group.
2. Using multiple membership provders(or other providers such as profile,
role...) is supported in ASP.NET 2.0. You can simply add more entries in
the <membership>/<providers> elements, e.g.
==============
...........
<membership >
<providers>
<add
name="provider1"
................./>
<add
name="provider2"
..................../>
<add
name="provider3"
................./>
</providers>
</membership>
........
=================
And you also need to programmatically retrieve a specific provider from the
registered provider collection and use it to do the membership operations.
e.g.
======
MembershipProvider provider1 = Membership.Providers["provider1"];
=======
Here is a MSDN article demonstrate this, it is using AD membership
provider, but the logic is applying to all multiple providers scenario:
#How To: Use Forms Authentication with Active Directory in Multiple Domains
in ASP.NET 2.0
http://msdn2.microsoft.com/en-us/library/ms998345.aspx
Hope this helps. If you have any further questions, please feel free to
post here.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
.
- Prev by Date: "ProtectSection" cannot save the file
- Next by Date: Re: "ProtectSection" cannot save the file
- Previous by thread: "ProtectSection" cannot save the file
- Next by thread: Re: domain - user validation
- Index(es):
Relevant Pages
|
