ASP.NET 2.0 Multiple Membership Providers for Authentication

Discussion in 'ASP .Net Security' started by Daniel, Dec 27, 2005.

  1. Daniel

    Daniel Guest

    Hi,

    we are planing two use - if possible - two Membership Providers at the
    same time for authentication within the same application.

    Short background

    Imagine a community page, such as a forum. It comes with its very own
    membership provider given to us by our customer. We cannot change that
    one. We just have to live with it. Their users are authenticated by
    this provider and then allowed to use forums, eCards, etc.

    Now, they want us to add a backend to their site. For that we need
    another membership provider which will determine whether the user has
    the rights needed to administer/change/add/delete certain pages/content
    areas. As both - totally different user roles - need to work on the
    same pages, we need a solution to implement two different
    authentication schemes in the same application at the same time.

    Is there a way to accomplish that and where would we start?

    Thanks in advance,
    Daniel
     
    Daniel, Dec 27, 2005
    #1
    1. Advertising

  2. Daniel

    Brock Allen Guest

    You could always write your own provider and delegate to the right one, as
    necessary.

    -Brock
    DevelopMentor
    http://staff.develop.com/ballen

    > Hi,
    >
    > we are planing two use - if possible - two Membership Providers at the
    > same time for authentication within the same application.
    >
    > Short background
    >
    > Imagine a community page, such as a forum. It comes with its very own
    > membership provider given to us by our customer. We cannot change that
    > one. We just have to live with it. Their users are authenticated by
    > this provider and then allowed to use forums, eCards, etc.
    >
    > Now, they want us to add a backend to their site. For that we need
    > another membership provider which will determine whether the user has
    > the rights needed to administer/change/add/delete certain
    > pages/content areas. As both - totally different user roles - need to
    > work on the same pages, we need a solution to implement two different
    > authentication schemes in the same application at the same time.
    >
    > Is there a way to accomplish that and where would we start?
    >
    > Thanks in advance,
    > Danie
     
    Brock Allen, Dec 27, 2005
    #2
    1. Advertising

  3. Daniel

    Daniel Guest

    Hi,

    > You could always write your own provider and delegate to the right one, as
    > necessary.

    thanks, however this is not quite the way we would like to go, as the
    backend should be reusable with different front end. It wouldn't make
    things easier to maintain a multitude of different interface adapters
    for different customer solutions.

    Thanks though,
    Daniel
     
    Daniel, Dec 28, 2005
    #3
  4. Daniel

    Brock Allen Guest

    Well, the provider infrastructure was designed to only work with one at a
    time. If you need something else, then you're going to have to write code
    to do that. You could build a custom provider that accepted configuration
    information such that it dynamically delegated to other providers (as opposed
    to hard coding which ones to use).

    -Brock
    DevelopMentor
    http://staff.develop.com/ballen

    > Hi,
    >
    >> You could always write your own provider and delegate to the right
    >> one, as necessary.
    >>

    > thanks, however this is not quite the way we would like to go, as the
    > backend should be reusable with different front end. It wouldn't make
    > things easier to maintain a multitude of different interface adapters
    > for different customer solutions.
    >
    > Thanks though,
    > Daniel
     
    Brock Allen, Dec 28, 2005
    #4
  5. Daniel

    MikeS Guest

    Hi Brock,

    Daniel is mentioning Membership (authentication) and Roles
    (authorization). Two different animals as far as I now. Whatever.

    So for a custom Auth Store Provider, we can pass in the providers
    collection to the custom provider, so it has all of them at it's
    fingertips to use, at application start from global, right?.

    What could we then branch on in the custom provider to determine which
    provider to pull out of the providers collection to use? If I had the
    request in hand I could look at the resource being asked for and branch
    on that I guess but I am not sure where is the right/safe place to grab
    that.

    Simply what I'd like to be able to do is use different auth store
    providers for different sub directories so I can break up my AzMan
    store into more managable seperate applications.

    What I want is different then Daniel but with a custom provider like I
    described, I think he could loop through the providers collection and
    pull of all roles found for a user, concatenate them into a string
    array and retrun them all.
     
    MikeS, Dec 29, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. mehdi
    Replies:
    0
    Views:
    371
    mehdi
    Nov 30, 2006
  2. Replies:
    0
    Views:
    370
  3. Roar Nestegard

    ASP.NET 2.0 security with two membership providers

    Roar Nestegard, Feb 21, 2005, in forum: ASP .Net Security
    Replies:
    0
    Views:
    137
    Roar Nestegard
    Feb 21, 2005
  4. Replies:
    0
    Views:
    141
  5. Josh

    Authentication with multiple providers?

    Josh, Nov 30, 2006, in forum: ASP .Net Security
    Replies:
    1
    Views:
    98
    Brad Kingsley
    Dec 7, 2006
Loading...

Share This Page