p2p.wrox.com Forums

p2p.wrox.com Forums (http://p2p.wrox.com/index.php)
-   BOOK: Beginning ASP.NET 3.5 : in C# and VB BOOK ISBN: 978-0-470-18759-3 (http://p2p.wrox.com/forumdisplay.php?f=389)
-   -   MemberShip and Roles (http://p2p.wrox.com/showthread.php?t=77929)

barakros January 24th, 2010 06:04 PM

MemberShip and Roles
 
I asked Imar a question . here it is and here is his answers:
Q:
In the web site I building I have a customers tables where I have login and password
The web is designed to not let new user create account and login
People who need to login get the user and password from our customers service.
So I wanted to know what is the best way to handle this, because I don’t think I need to use the Role and Membership objects and also the aspnetdb to control the users.
I just want to check against my table and keep a session variables (or profile) for the user
(Customer id and name).
Is there a way to do that nice and easy?
Do I need to set form authentication mode? Set the session timeout? Where to check the user and password against my DB (customer table) – in the Login1_Authenticate event?
Or am I completely wrong here?

Imar answer:
1. Why wouldn’t you use MemberShip and Roles? Your admins can use the same controls to create accounts for others. Why complicate matters and roll your own solution?

2. In that case, you could try building your own provider: http://imar.spaanjaars.com/QuickDocId.aspx?quickdoc=404 The article explains how to use Microsoft Access, but it contains a link to the SQL Server version of the full source code. Not an easy thing to do, though.

If all you need to do is authenticate, you can use FormsAuthentication (http://www.google.com/search?hl=en&q...&aqi=g-sx1&oq=) and target your own database.

many thanks to Imar
Barak

barakros February 2nd, 2010 07:54 AM

what about session?
 
can I use session object to hold the logged user name (which is all I need after verify that this is the user by login+pass from the DB)?

can I set the sessionstate timeout to say 6 hours and the seesion will remain or this is risky?

does session is trustable for this matter?

thanks for your time

barak


All times are GMT -4. The time now is 11:38 AM.

Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.