custom ASP.NET authentication

Question

0.00/5 (No votes)

See more:

hey experts!
i am trying to make a asp.net website . im interesting to make my own data providers for my custom user data !

for authentication i decide use FormsAuthentication .
for saving custom user data i decide to make my own custom profile provider.
for Authorization i want use Role Authorization

first is my desicion true? i should change it? no need use something else instead Pofile for saving data through the application?

second , i need make my own custom Role provider to use Role for Authorization i want use Role Authorization?

third, is this scheme true? and i should code in this scheme? or maybe its better to have a column named Role in my custom profile Table and make a custome and simple Authorization !?( checking Role column to know whats user role then show its proper content )
picture to show scheme in my mind

very thanks !

Posted 26-Mar-13 15:36pm

ali_heidari_

Updated 27-Mar-13 11:22am

v6

Add a Solution

Comments

ZurdoDev 27-Mar-13 7:29am

When it comes to authorization and authentication, there are many options so what is best will depend on your situation and also be up to you.

ali_heidari_ 27-Mar-13 7:35am

i know... but my question is i should use Role provider for authorization or can i choose a role column for profile table ?
and if i choose a column named Role, can i use url authorization?
<deny role="Normal">

ali_heidari_ 27-Mar-13 11:39am

well maybe its better use clomn in prfile table! but another problem is about setting profile items! can anyone help?

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Keith Barrow · Answer 1 · 2013-03-28T01:33:00

What you suggest is certainly achievable. Personally I use the default providers built in to .net as most of the effort is taken care of see here for information about these[^]. The SQL providers work in conjunction with MS SQL-Server and you can even created the database using the built in aspnet_regsql.exe[^]

That said, one size does not fit all, you can subclass the existing providers (including the base providers for a completely clean slate) to create custom ones, but I think this is only worth it if the existing ones do not meet your requirements. My advice is to try the existing ones for each tranche of functionality (auth, roles etc) until they don't do what you want and then work on your own custom provider.