Solved

Asp.net complex membership implementation

Posted on 2011-10-09
6
178 Views
Last Modified: 2012-05-12
Hi,
I need to implement a somehow complex membership and authorisation. The requirements include a the normal authentication... But each user can be a member of 1 or more group. And their role per group may differ. Eg. User1 can be a member of group A in which he is an administrator... And be a member of group B but with a role of jus a regular user.
Apart from that, each member may have different "permissions" that they can do something like the NT logins.
I have reasearched that I can probably use azman... Is azman good? Is there an alternative approach like a modified role provider? Is there such as group provider?
0
Comment
Question by:karlomedallo23
  • 3
  • 2
6 Comments
 
LVL 11

Expert Comment

by:brutaldev
Comment Utility
Why not use the built-in role membership provider that comes with ASP.NET? Once this is in place it's as easy as using HttpContext.Current.User.IsInRole("MyRole") to check for permission.
0
 
LVL 21

Expert Comment

by:Dale Burrell
Comment Utility
The built in membership provider doesn't allow for groups and roles within groups, but you could handle that yourself with a specified role naming convention e.g.

Group1-Member
Group1-Admin
Group2-Member
Group2-Admin

Then you can assign to users as you like, and implement the checks in the page as you like.
0
 
LVL 2

Author Comment

by:karlomedallo23
Comment Utility
@brutaldev: roles provider is not enough for what's required. To be clear, I need, sort of, 4 providers... Membership, group, roles, and permissions...

@dale_burrel: I could have settled down with what you have suggested but thhe permissions are really getting on the way.. is ithere a way to implement a custom "provider" in which I would probably call permissions provider and will work together with the roles provider? Or maybe implement two instances of roles provider 1 for your group_role suggeztion Nd the other for permission?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 21

Expert Comment

by:Dale Burrell
Comment Utility
You can certainly implement custom providers... I've never done it so I can only offer the MS documentation e.g. http://msdn.microsoft.com/en-us/library/8fw7xh74.aspx
0
 
LVL 2

Author Comment

by:karlomedallo23
Comment Utility
@dale_burrell: if I implement one, is it possible to have 2 role providers active in one application?
0
 
LVL 21

Accepted Solution

by:
Dale Burrell earned 500 total points
Comment Utility
You definitely can, i haven't had much experience with multiple providers, but I from what I have had you end up needing to do a bit more work, because the membership framework uses the initial providers you specify, but when you need more than one you actually have to explicitly tell it which provider you are using.

A quick google for "asp.net multiple role providers" gives plenty more information. I recon what you may want to do is create a single custom role provider which accesses its data from 2 separate sources depending on circumstances.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

Many of us here at EE write code. Many of us write exceptional code; just as many of us write exception-prone code. As we all should know, exceptions are a mechanism for handling errors which are typically out of our control. From database errors, t…
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now