views:

262

answers:

3

Hello guys;

I have a conceptual question... I am making an Intranet application (Web platform) for a company. I have a SQL Server DB with these tables:

Users (userID, userName, userPass, roleID)
Roles (roleID, roleName)
Pages (pageID, pageURL)
RolesXPages(pageID, roleID)

How is the best way to create a structure to store all this information while the user navigates the site, I mean, on the thread I should be able to check his role, his pages (the ones he can access) I have been reading and there is a lot of stuff there where Im confused, I saw the MembershipProvider, IPrincipal, IIdentity, etc classes but Im not sure what should be the best one for me.

Any thoughts...

Thanks in advance!

Edit: Everytime gets more confusing... I just want to handle those structures at runtime and be able to mantain state during page callbacks or changing pages...

+2  A: 

I generally use MembershipProvider, RoleProvider and ProfileProvider. It sounds like it would solve all of your problems.

http://www.4guysfromrolla.com/articles/120705-1.aspx

The MembershipProvider allows you to use a number of built in asp.net controls like login, loginstatus, userwizard.

The RoleProvider allows you to create and manage which membership users are in which roles and you can manage access to different areas of your application using web.config

The ProfileProvider allows you to basically extend the Membership users account to add whatever properties you wish to their account.

TGuimond
+1  A: 

If you are building something completely new I think that you sould look at the builtin membership and role system in asp.net, especially the Sql Server Role Provider.

Anders Abel
+1  A: 

With ASP.NET membership you will want to code against the asp.net MembershipProvider Model. If you can, I would ditch using any custom code for authentication and roles and use the existing provider model. Then write some custom code to handle the page level access.

IPrincipal is pretty bare bones and it may be quicker if you have to use the custom tables you listed. Hope That Helps

Anthony