ASP.NET 2: Membership/RoleMangement vs. ASP.NET 1.1.. question

matt_at_mailinator.com
Date: 11/01/05 

Date: 1 Nov 2005 00:50:18 -0800

hello,

im working on my first public-facing ASP.NET 2 website, and i have a
question/concern about authentication integration.

in ASP.NET 1.1, one would typically go w/ a "role yer own"
webforms/database role-based model: in your db youd have a Users table,
a RoleGroups table, a UserRoles table (see
http://aspnet.4guysfromrolla.com/articles/082703-1.aspx).

this worked well, because it hooked in directly with your typical Users
table (UserID, UserName, Email, FirstName, LastName, etc...)

in ASP.NET 2.0, one has the built-in Membership stuff, which uses its
own SQL Server/Access database (the "ASPNETDB" datasource). and via
Visual Studio 2005's "ASP.NET Configuration" GUI, one has many useful
user/group management tools (add/delete role, find user, etc..!).

however...i still need my custom db's User table -- as is expected,
there are many columns i have for my users that are not in the
MembershipUser object.

herein lies the problem -- if i am to use ASP.NET 2's Authentication
and RoleManagement funcationality (database), i am in effect
maintaining *two* databases of users! the authentication db
("ASPNETDB"), and my customer db. this starts to add complication, not
to mention data duplication. for example, if i wish to delete a user
altogether, i must now delete the user in two different databases.
likewise, if i wish to add a user, i have to add him in two databases
-- and if these tasks fail for some reason in one but not the other, it
seems quite messy.

another big concern is, most of my 1.1 apps use a simple Int32 "UserID"
identified column for anything related to my users -- relationships to
orders, comments/feedback, etc.. ASPNETDB has a UserID property, but i
cant seem to retrieve it via the MemberUser obj. and it doesnt look
like a simple indentifier int, either.

so, what is the consenus, here? how best to work w/ this model shift
between 1.1 and 2.0? how does one link their custom business-rules User
table to the authentication User table...!?

thanks,
matt

Relevant Pages

  • RE: Membership Provider Woes
    ... in forms authentication context. ... how do I actually store the custom information? ... limited by the natural of cookie. ... Doens't the membership provider set a forms auth cookie for me ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: Membership Provider Woes
    ... cookie regardless of whether the user's authentication failed or not. ... how do I actually store the custom information? ... Doens't the membership provider set a forms auth cookie for me ...
    (microsoft.public.dotnet.framework.aspnet)
  • ASP.NET 2: Membership/RoleMangement vs. ASP.NET 1.1.. question
    ... in ASP.NET 2.0, one has the built-in Membership stuff, which uses its ... however...i still need my custom db's User table -- as is expected, ... herein lies the problem -- if i am to use ASP.NET 2's Authentication ... i must now delete the user in two different databases. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Equifax and Data Protection credit report ?
    ... The German ID Card has no cross referencing of databases so why does the proposed Labourite ID Card? ... If there is a single ID it is more cost effective to provide authentication schemes for it. ... The government can cross reference databases at present however it is time consuming and difficult. ... Updating all the existing databases to handle a new foreign key would be a big task. ...
    (uk.legal)
  • Authen::Users 0.02 released
    ... SQLite or MySQL, ... General password authentication using DBI-capable databases. ...
    (comp.lang.perl.modules)