views:

932

answers:

1

I have an ASP.Net MVC web application using forms authentication. I am using OpenID for authentication.

At the moment the moment I'm storing the openID url inside the Name of the standard GenericIdentity. I would also like to have easy access to the database id for the user.

I can make a custom provider or identity by overriding the Application_AuthenticateRequest function.

My question is should the database uid for the user go into the principal or the identity?

Should the Name property of the Identity be the openid url (a user can have many of these but I would like to display it on every page) or database uid?

+2  A: 

I'm thinking now that I should just store the user id in the Identity and hang on to the openid url in the Session.

That way I won't need a custom identity or principal.

tpower
That works great. I store the user id in the identity too. If you have the time feel free to invest in creating a custom identity it is not too hard, you will eventually find other tidbits that are useful to store in the identity and it'll keep your Session from being full of such things.
DavGarcia
I'm also about to create a custom Identity class for my ASP.NET MVC app. I feel that the Identity should contain information about the user who has authenticated .. so why not extend it if u want some rich info to be persisted across the site?
Pure.Krome
How did you deal with the membership and roles management? Did you use the default providers? If so, how did you plug it in with your user uid (since the providers use the username as key).
Kenji Kina

related questions