User authentication on an Intranet - best practices...

Posted on 2004-11-21
Last Modified: 2010-04-25
I am building an intranet for my company, we have the following departments:

1) Office Managers
2) Telemarketing
3) Corporate

All of these departments are stored using the same information in the same database... for example, if the telemarketer sets an appointment for office 1024 then the manager of office 1024 will see it come up, no other office manager will.  (You get the idea...)

The first from this group is the office manager.  This part of the intranet will allow him/her to keep up with every part of the office from inventory to  sales reps.

The second part is the telemarketing department, this will allow the telemarketers to add appointments and call people to set them.

the third part is corporate, this is simply reports for the corporate side to see all of the offices.

My question deals with users...  In this program, different users will login to different parts of the application.  The directory structure is as follows:

/intranet/officemanagers/ <-- this is where the office managers go
/intranet/telemarketers/ <-- this is where the telemarketers go
/intranet/corporate/ <-- this is where the corporate users go

I would like to have one login box that will send users to the appropriate part of the intranet based on who they are and where they are suppose to go.  My question is this:  Is it bad practice to have ALL users in one table even though they login to differnet parts of the intranet?  For example, a telemarketer has no relation to an office manager (not even in the same office) but they would be in the same 'users' table.  Is this okay?

Or, should i have different tables for each type of user?  Example:  For telemarketers, I would have a table called tbl_telemarketer_users and for office managers, I would have a table called tbl_officemanagers_users  etc... The downside to this would be that I would have to have different login pages for different people, and they would have to be told where to go, instead of

By the way, I am using VB.NET and Microsoft SQL 2000

Please help!  

Thanks in advance,

Question by:brooksreese
    LVL 8

    Expert Comment

    Well, I'm not an expert on db normalization by any means, but I would venture to suggest splitting the groups into 3 seperate tables, and using "joins" when you query the tables.  Then the same login script could be used for everyone...

    If not, I think the best way to do it in one table is to have a seperate numerical id column based on which level they are (1 for Managers, 2 for Telemarketing, 3 for Corporate)...

    That help any?

    LVL 14

    Accepted Solution

    I can offer you two pieces of advice:

    1. I personally am used to braking all the rules when it comes to Web. Dev. so I don't really know which the best way to go would be. I could tell you I've been in similar situations and have gone with both approaches. Both worked fine. I guess is just a question of how much info will you be processing, the amount of users the DB will store, the amount of people developing the app, etc.

    2. You question is obviously a DB Q instead of a DW Q. Although here we are used to all sorts of problems, I would highly recommend you ask this were the DB experts are:

    Not that this TA isn't filled with professionals, but you will get better theory over there.

    Best regards,


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    Suggested Solutions

    Adobe Dreamweaver CS5 is a WYSIWYG web page editor that has advanced HTML, CSS, and Javascript rendering functionality and is probably the most well-known HTML editor available. Much of Dreamweaver's appeal centers around the Design View interfac…
    This article is very specific and is only intended to help if you are installing Dreamweaver 8 in a Windows 7 environment with Office 2007 installed.   I'm not sure why Microsoft tends to release OS' that should not be released but they do.  Windows…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now