tags:

views:

428

answers:

1
Q: 

Adding columns to the CreateUserWizard control using FBA

Hi- I'm wanting to create a user account creation section for unregistered users on our internet site. I want to ask the same questions as the CreateUserWizard control but have a few changes. I want the question to come from a question lookup table in SQL. The user will have a dropdown of available questions and I'll store the questionid they selected and the answer. Also, I want to store 1 other piece of data about the user (SSN).

My questions are: 1) Is forms based authentication an acceptable solution for this if using SSL? 2) Can I add additional columns (questionid and ssn) to the membership table or another table and how do I do that so I can save the info in the 'blessed' way? Will the solution have any negative effect if down the road I want to add password reset/recovery?

When adding columns, does it make sense to invoke Membership.CreateUser rather than using the CreateUserWizard?

Thanks!!

A: 

1) Yes it is. You can extend Membership with Profiles, and add any arbitrary fields you like

2) You can customize the CreateUserWizard a great deal, but behind the scenes it just ends up calling Membership.Create user. Personally, I would just roll my own (since it really isn't all that hard) unless you want to use the default wizard. But that is more personal preference then anything else.

NOTE: the link I provided for Profiles assumes you are using a WebSite project. If you are using Web Application projects, there are a few additional steps you can read about here.

Matt Briggs  2009-01-15 17:59:14
If I roll my own, what considerations should I consider to keep the site secure? I was considering doing everything using SSL and using simple SQL lookups in the code behind to verify authentication. Sound OK? Anything else to consider?
asp316  2009-01-15 19:04:15
Password hashing. Login persistence (use a cookie? jam it in the session?). Audit logging. Enabling/Disabling/Deleting of users. It depends what you are making (if it is for comments on a blog, not a big deal. Bank software, very big deal) and what your requirements are.
Matt Briggs  2009-01-15 21:27:43

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?