[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 173
  • Last Modified:

User authentication on an Intranet - best practices...

I am building an intranet for my company, we have the following departments:

1) Office Managers
2) Telemarketing
3) Corporate

All of these departments are stored using the same information in the same database... for example, if the telemarketer sets an appointment for office 1024 then the manager of office 1024 will see it come up, no other office manager will.  (You get the idea...)

The first from this group is the office manager.  This part of the intranet will allow him/her to keep up with every part of the office from inventory to  sales reps.

The second part is the telemarketing department, this will allow the telemarketers to add appointments and call people to set them.

the third part is corporate, this is simply reports for the corporate side to see all of the offices.

My question deals with users...  In this program, different users will login to different parts of the application.  The directory structure is as follows:

/intranet/officemanagers/ <-- this is where the office managers go
/intranet/telemarketers/ <-- this is where the telemarketers go
/intranet/corporate/ <-- this is where the corporate users go

I would like to have one login box that will send users to the appropriate part of the intranet based on who they are and where they are suppose to go.  My question is this:  Is it bad practice to have ALL users in one table even though they login to differnet parts of the intranet?  For example, a telemarketer has no relation to an office manager (not even in the same office) but they would be in the same 'users' table.  Is this okay?

Or, should i have different tables for each type of user?  Example:  For telemarketers, I would have a table called tbl_telemarketer_users and for office managers, I would have a table called tbl_officemanagers_users  etc... The downside to this would be that I would have to have different login pages for different people, and they would have to be told where to go, instead of login.mydomain.com

By the way, I am using VB.NET and Microsoft SQL 2000

Please help!  

Thanks in advance,

Brooks
0
brooksreese
Asked:
brooksreese
1 Solution
 
CoolATIGuyCommented:
Well, I'm not an expert on db normalization by any means, but I would venture to suggest splitting the groups into 3 seperate tables, and using "joins" when you query the tables.  Then the same login script could be used for everyone...

If not, I think the best way to do it in one table is to have a seperate numerical id column based on which level they are (1 for Managers, 2 for Telemarketing, 3 for Corporate)...


That help any?


CoolATIGuy
0
 
EsopoCommented:
I can offer you two pieces of advice:

1. I personally am used to braking all the rules when it comes to Web. Dev. so I don't really know which the best way to go would be. I could tell you I've been in similar situations and have gone with both approaches. Both worked fine. I guess is just a question of how much info will you be processing, the amount of users the DB will store, the amount of people developing the app, etc.

2. You question is obviously a DB Q instead of a DW Q. Although here we are used to all sorts of problems, I would highly recommend you ask this were the DB experts are:
http://www.experts-exchange.com/Databases/

Not that this TA isn't filled with professionals, but you will get better theory over there.

Best regards,

Esopo.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now