0

First off: ASP.NET Web Application project with SQL Server 2008

I have inherited an ancient DB with a table called Security that stores user accounts. The columns are:

ID, name, user_name, password, and access_level.

access_level holds an integer value of 1 to 3 specifying access to certain parts of the web app. These range from 1 = user, 2 = power user, 3 = admin. I will need some users to view some info, hide it for others, and make it viewable+editable for others according to this access level.

I am familiar with older ASP.NET so I am new to the provider model. From what I have read so far I can:

1) create a custom MembershipProvider and RoleProvider and use those

2) create my own login system using hidden text fields to persist data

What is the best way to implement this? I started writing a custom MembershipProvider but it seems overkill for such a simple schema. There has to be a simpler method to implement this. Any suggestions or clarifications are welcome.

Improve this question

2 Answers 2

Reset to default
1

If you do not need to restrict pages based on the authorized roles, you can simply use

// After custom validation
FormsAuthentication.SetAuthCookie(username, false);

However, if you want to restrict pages based on the authorized role (in web.config), I'll suggest to implement Custom MembershipProvider and RoleProvider.

You just need to override the following methods.

MembershipProvider 

public override bool ValidateUser(string username, string password)

public override MembershipUser GetUser(string username, bool userIsOnline)

RoleProvider

public override bool IsUserInRole(string username, string roleName)

public override string[] GetRolesForUser(string username)
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

You can create a custom control for Login or Registration module. It may easy to understand and debugging. Also when a member is going to sign in you can check for access_level and give rights for access.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.