By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,679 Members | 2,036 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,679 IT Pros & Developers. It's quick & easy.

username or uid, or your own user tables?

P: n/a
JJ
Just wondering what approach you more experienced developers take here:

I am writing a basic cms system to add pages to a site. One function I want
to add is to limit access to a new page on either a role or user basis.

My basic question is:
When assigning permissions in to (for example) a page in a cms, would you
use the built in asp.net username, uid, or create your own user/role tables
and use the relevent unique ID to identify a particular user/role?

I notice cms systems like dotnetnuke etc seem to use their own user
management and not the built in asp.net user management system. I am not
sure whether this is to do with difficulties with using the 'built in' user
tables and obtaining a uid?

Also, if using the built in tables I assume you shouldn't create
relationships with them (and hence alter their structure)?
I'm a bit confused but hopefully you can see my point and what I'm trying to
say here :-\

JJ

Mar 12 '07 #1
Share this Question
Share on Google+
2 Replies


P: n/a

Other than basic additions ( address , work phone number , etc)....
if you're doing a 2.0 project, you might want :
To implement a membership provider, you create a class that inherits the
MembershipProvider abstract class from the System.Web.Security namespace

See
http://msdn2.microsoft.com/en-us/library/f1kyba5e.aspx

http://www.devx.com/asp/Article/29256/0/page/3

http://www.15seconds.com/issue/050216.htm
That's membership. There's also a RoleProvider abstract class you can
implement.
Its not hard, but the devil is in the details.

"JJ" <ab*@xyz.comwrote in message
news:%2****************@TK2MSFTNGP03.phx.gbl...
Just wondering what approach you more experienced developers take here:

I am writing a basic cms system to add pages to a site. One function I
want
to add is to limit access to a new page on either a role or user basis.

My basic question is:
When assigning permissions in to (for example) a page in a cms, would you
use the built in asp.net username, uid, or create your own user/role
tables
and use the relevent unique ID to identify a particular user/role?

I notice cms systems like dotnetnuke etc seem to use their own user
management and not the built in asp.net user management system. I am not
sure whether this is to do with difficulties with using the 'built in'
user
tables and obtaining a uid?

Also, if using the built in tables I assume you shouldn't create
relationships with them (and hence alter their structure)?
I'm a bit confused but hopefully you can see my point and what I'm trying
to
say here :-\

JJ

Mar 12 '07 #2

P: n/a
JJ
I'm still a bit confused (sorry - new to this area).

My membership provider currently uses SQL server and saves all information
to the tables that are set up by running:
aspnet_regsql.exe.

I'm not sure that I need to actually store this information in the
'users'/'roles' membership tables - I would have thought that each page
(i.e. an entry in the pages table) will need a related permissions table
with the usernames/uid's or roles/roleid's of each user (or role) who can
access that page.

If that is the case, then my questions are:
(i) Am I 'allowed' to create a relation with the aspnet_users table in order
to get the uid (or should I just look it up when necessary)
(ii) How to you get the uid/roleid of a logged in user?
(iii) Is it ok to allow users to add/delete roles to the aspnet_roles table,
provided you hide the previously created admin/editor/etc priveledged roles?

Hope that makes sense,

JJ


"sloan" <sl***@ipass.netwrote in message
news:u$**************@TK2MSFTNGP02.phx.gbl...
>
Other than basic additions ( address , work phone number , etc)....
if you're doing a 2.0 project, you might want :
To implement a membership provider, you create a class that inherits the
MembershipProvider abstract class from the System.Web.Security namespace

See
http://msdn2.microsoft.com/en-us/library/f1kyba5e.aspx

http://www.devx.com/asp/Article/29256/0/page/3

http://www.15seconds.com/issue/050216.htm
That's membership. There's also a RoleProvider abstract class you can
implement.
Its not hard, but the devil is in the details.

"JJ" <ab*@xyz.comwrote in message
news:%2****************@TK2MSFTNGP03.phx.gbl...
>Just wondering what approach you more experienced developers take here:

I am writing a basic cms system to add pages to a site. One function I
want
>to add is to limit access to a new page on either a role or user basis.

My basic question is:
When assigning permissions in to (for example) a page in a cms, would you
use the built in asp.net username, uid, or create your own user/role
tables
>and use the relevent unique ID to identify a particular user/role?

I notice cms systems like dotnetnuke etc seem to use their own user
management and not the built in asp.net user management system. I am not
sure whether this is to do with difficulties with using the 'built in'
user
>tables and obtaining a uid?

Also, if using the built in tables I assume you shouldn't create
relationships with them (and hence alter their structure)?
I'm a bit confused but hopefully you can see my point and what I'm trying
to
>say here :-\

JJ


Mar 13 '07 #3

This discussion thread is closed

Replies have been disabled for this discussion.