Store user id in Principal or Identity? ASP.Net/OpenID. | ansaurus

tags:

views:

932

answers:

1

+1 Q:

Store user id in Principal or Identity? ASP.Net/OpenID.

I have an ASP.Net MVC web application using forms authentication. I am using OpenID for authentication.

At the moment the moment I'm storing the openID url inside the Name of the standard GenericIdentity. I would also like to have easy access to the database id for the user.

I can make a custom provider or identity by overriding the Application_AuthenticateRequest function.

My question is should the database uid for the user go into the principal or the identity?

Should the Name property of the Identity be the openid url (a user can have many of these but I would like to display it on every page) or database uid?

+2 A:

I'm thinking now that I should just store the user id in the Identity and hang on to the openid url in the Session.

That way I won't need a custom identity or principal.

tpower 2009-01-28 21:02:05

That works great. I store the user id in the identity too. If you have the time feel free to invest in creating a custom identity it is not too hard, you will eventually find other tidbits that are useful to store in the identity and it'll keep your Session from being full of such things.

DavGarcia 2009-01-28 21:51:11

I'm also about to create a custom Identity class for my ASP.NET MVC app. I feel that the Identity should contain information about the user who has authenticated .. so why not extend it if u want some rich info to be persisted across the site?

Pure.Krome 2009-03-21 07:03:12

How did you deal with the membership and roles management? Did you use the default providers? If so, how did you plug it in with your user uid (since the providers use the username as key).

Kenji Kina 2010-09-04 14:39:27

related questions

Converting Single DB ASP.NET Site into MultiTenant - Membership and Roles Dilema

customize asp.net membership by changing "userid" type to integer

ASP Membership cannot handle encrypted connection strings in web.config

what is the best way to make some pages in asp.net require login?

Looking for a Yahoo Groups (CMS) replacement

Why should I Use ASP.NET Membership security model?

ASP.NET: Does implementing a custom MembershipProvider class needs you to implement a custom Membership class too?

How to set the Principal in an ASP.Net app

How can you test if an ASP.NET membership password will meet configured complexity requirements?

ExpressionEngine Multiple Site Manager and Member Groups

Locking out a user in an ASP .Net Custom Membership Provider

ASP.NET Application to authenticate to Active Directory or SQL via Windows Authentication or Forms Authentication

Not using e-mail address in a custom MembershipProvider?

How to get current user in Asp.Net MVC

programmatic login with .net membership provider

ASP.NET Forms Authentication With Only UserName

Unit test Custom membership provider with NUnit throws null reference error

How to access UserId in ASP.NET Membership without using Membership.GetUser() ?

How can I wire users with their respective folders in ASP.NET?

Grabbing Users with a specific value in their profile

How do you pass an authenticaticated session between app domains

What's the best way to authenticate over WCF?

Memcached chunk limit

ASP.NET Site Maps