Securing MS Access Front End application with ASP.net Forms Authentication

Question

Is it possible to use ASP.net forms authentication to secure access to an application front end built in MS-Access 2007.

My current application front end is built in Microsoft Access 2007 with the data residing in SQL Server 2008 Express Edition. I am in the process of porting this application to ASP.net. I intend to use ASP.NET forms authentication in the ASP application. Is it feasible for me to use the same authentication code and/or database tables etc to provide authentication for my access application. Has anyone tried to do this before, and if so is there any documentation available on how to accomplish this.

Answer 1

For starters, you could use the built-in ASP.NET membership tables to house the login info for your web application. There are tons of examples on how to do that here on SO and other places.

The trick is using this same membership store to authenticate users of the access application. You could expose a web service that talks to your ASP.NET membership store and validates logins.

VBA supports the ability to call web services. More information on how to do that here. So when your Access application starts up it would check some kind of global variable to see if the user is authenticated. If not, it would take them to a login screen that calls the web service to do your authentication.

Answer 2

Here is the link on how to set up ASP.NET authorization, membership, etc. for web services access: http://msdn.microsoft.com/en-us/library/bb515342.aspx using Application services.

Here is another link: http://www.code-magazine.com/Article.aspx?quickid=0511031 with much the same idea, except build on ASMX, so it would work in 2.0