Click here to Skip to main content
15,918,109 members
Please Sign up or sign in to vote.
4.50/5 (2 votes)
See more:
I'm totally new to the WEB Site Security model in the .Net Framework. It looks like I can assign access rules to users and/or roles using WEB.config or the WEB site administration tool. Or for that matter I could roll my ownusing the membership controls. The WEB site administration tool places/maintains entries in the ASPNET tables in my SQL Server tablesand does not create/change corresponding entries in my WEB.config file. If I make/change entries in my WEB.config file these changes do not affect my ASPNET tables. On balance I think maintaining my security/permissions within the ASPNET tables is a preferred approach. However this seems to require using the WEB site administration tool which will not be available after I deploy my application. My questions are: 1. Which is better? 2. How does the WEB.config file relate to the ASPNET tables? 3. If I use both, in a hybrid sort of approach, how would conflicts between the two be resolved? Thank you for any information you are willing to provide, it is definitely appreciated................Phil Hoop
bbirajdar 25-Oct-12 12:40pm    
Nice question +5.. But I think this is a research question and not suitable for the quick answers section... It will be better if you do the research yourself and write a detailed article and post it for the CP users

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900