I'm still a bit confused (sorry - new to this area).
My membership provider currently uses SQL server and saves all information
to the tables that are set up by running:
aspnet_regsql.exe.
I'm not sure that I need to actually store this information in the
'users'/'roles' membership tables - I would have thought that each page
(i.e. an entry in the pages table) will need a related permissions table
with the usernames/uid's or roles/roleid's of each user (or role) who can
access that page.
If that is the case, then my questions are:
(i) Am I 'allowed' to create a relation with the aspnet_users table in order
to get the uid (or should I just look it up when necessary)
(ii) How to you get the uid/roleid of a logged in user?
(iii) Is it ok to allow users to add/delete roles to the aspnet_roles table,
provided you hide the previously created admin/editor/etc priveledged roles?
Hope that makes sense,
JJ
"sloan" <sl***@ipass.netwrote in message
news:u$**************@TK2MSFTNGP02.phx.gbl...
>
Other than basic additions ( address , work phone number , etc)....
if you're doing a 2.0 project, you might want :
To implement a membership provider, you create a class that inherits the
MembershipProvider abstract class from the System.Web.Security namespace
See
http://msdn2.microsoft.com/en-us/library/f1kyba5e.aspx
http://www.devx.com/asp/Article/29256/0/page/3
http://www.15seconds.com/issue/050216.htm
That's membership. There's also a RoleProvider abstract class you can
implement.
Its not hard, but the devil is in the details.
"JJ" <ab*@xyz.comwrote in message
news:%2****************@TK2MSFTNGP03.phx.gbl...
>Just wondering what approach you more experienced developers take here:
I am writing a basic cms system to add pages to a site. One function I
want
>to add is to limit access to a new page on either a role or user basis.
My basic question is:
When assigning permissions in to (for example) a page in a cms, would you
use the built in asp.net username, uid, or create your own user/role
tables
>and use the relevent unique ID to identify a particular user/role?
I notice cms systems like dotnetnuke etc seem to use their own user
management and not the built in asp.net user management system. I am not
sure whether this is to do with difficulties with using the 'built in'
user
>tables and obtaining a uid?
Also, if using the built in tables I assume you shouldn't create
relationships with them (and hence alter their structure)?
I'm a bit confused but hopefully you can see my point and what I'm trying
to
>say here :-\
JJ
