Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    primarykey
    data
    text
    <p>While it's not crystal clear <a href="http://msdn.microsoft.com/en-us/library/2d449f1x.aspx" rel="nofollow noreferrer">on MSDN</a>, it's not all that complicated. There's a trio of classes: </p> <ul> <li>Membership: provides utility methods and a point of entry -- basically a Singleton (static class). </li> <li>MembershipProvider: acts as a data accessor and factory for MembershipUser objects.</li> <li>MembershipUser: represents an individual user.</li> </ul> <p>A custom MembershipProvider is selected (by code in Membership) based on your application's configuration: configuration/system.web/membership. Here's where you bring your provider into play. Your MembershipProvider implementation must be written to access whatever data store you prefer for users: your User table in this case. </p> <p>MembershipUser objects are only created through your MembershipProvider. The MembershipProvider.ValidateUser() method should check against your data store that the user/password combination is valid. The MembershipProvider.GetUser() retrieves user information -- use it within an access protected page and pass in System.Web.HttpContext.Current.User.Identity.Name as the current authenticated user. </p> <p>This said, I hope you are sure you don't want to <a href="https://stackoverflow.com/questions/95120/where-is-the-best-place-to-store-user-related-data-in-asp-net">use Profiles</a>, and really want to have a separate User table. If you are writing an internal application, using an existing <a href="http://en.wikipedia.org/wiki/Active_directory" rel="nofollow noreferrer">Active Directory</a> or <a href="http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol" rel="nofollow noreferrer">LDAP</a>-enabled data store would reduce administration costs and probably security risks. There are hundreds of things you can easily do wrong when going the MembershipProvider route. Do you use <a href="http://en.wikipedia.org/wiki/Salt_(cryptography)" rel="nofollow noreferrer">salted hashes</a>? How are you protecting the User table against manipulation? MSDN covers only a fraction of the <a href="http://msdn.microsoft.com/en-us/library/ms178398.aspx" rel="nofollow noreferrer">security issues</a> you may face. </p>
    singulars
    1. This table or related slice is empty.
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. VO
      singulars
      1. This table or related slice is empty.
    2. VO
      singulars
      1. This table or related slice is empty.
    3. VO
      singulars
      1. This table or related slice is empty.
 

Querying!

 
Guidance

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload