Solved

Should I use Membership UserID or My Primary Key

Posted on 2010-08-31
2
357 Views
Last Modified: 2013-11-08
I am using asp.net 3.5 with the membership provider.
I added all the provider tables to my existing database using Aspnet_regsql.exe.
I added the userid, which is the data type uniqueidentifier, from the asp.net_users table generated by the membership provider, to my top level table.
The top level table primary key/identity key, is an int (PersonID). Since I used this primary key (PersonID) to relate tables in my original database, before adding membership provider, I just added the userid from the asp.net_users table, to my top level table.

Persons table
PersonID int Identity
UserID uniqueidentifier

Other Tables use PersonID as their FK.

Since this is a web app, I wanted to be sure that, for security reasons, using the PersonID was ok, or if I should change my tables to use the userid/uniqueidentifier instead of the PersonID as the FK.

Thanks
0
Comment
Question by:Sheritlw
2 Comments
 
LVL 32

Accepted Solution

by:
bhess1 earned 500 total points
ID: 33571654
Depends on where you are using it.  If you place the PersonID on a link in your web code, it may make it easier to hack the system in some cases. If I had the option, I would use PersonID internally, and the guid externally (where it could be hacked).  
0
 

Author Comment

by:Sheritlw
ID: 33572547
Thank you bhess1.

I will change the relationship fk to the user id.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now