Architect Database to Allow App To Use Windows Integrated Auth or FBA

Question

I'm writing a web app that will be distributed and I want to allow the installer to choose between using Integrated Authentication, or FBA. Switching between those with web.config is obviously very easy. I'm trying to decide how best to architect the database and code to accept either a windows-sid or a UserID from the aspnetdb.

For example WSS 3.0 allows both windows integrated authentication, or FBA using any membership provider. How do they handle that in their database architecture? Are there any good guides on the web to provide some guidance?

Answer 1

I think it's a lot easier than you're making it out to be.

First of all, integrated authentication has nothing to do with the Windows SID. When integrate authentication is enabled, HttpContext.Current.User.Identity.Name will be "DOMAIN\User", not the Windows SID.

So, if using Windows authentication, you will still have a users table, with a column to hold the DOMAIN\User.

Let me know if you need more clarification.