tags:

views:

170

answers:

1
Q: 

Where can I find information on Authentication and Authorization in the context of Domain Driven Design ?

I'm trying to do things the DDD (domain driven design) way. And boy do I struggle. In all books I read, Authentication is of no concern and not mentioned!

I've written my own Authentication and Membership Service which are responsible for registering and logging in users, creating salted passwords etc. I do not use .NET's Membership Provider but do rely on Forms Authentication.

I've implemented a User model that holds the Username, E-Mail, PasswordHash, ApprovalStatus etc.

Now I guess the rest of the domain model shouldn't concern itself with the Users. I have a class Person that is used to model Persons and their associated data. As such it can be used to model personal data from users and from non-users. An object of type Company works with Persons, not Users. And an Activity is assigned to a Person, not a User.

The question, how do I relate the Person model to the User model? I don't really want a reference to each other in either of the two models. Should I create some Relationship model called PersonUser and create an additional service that retrieves the person object for the currently authenticated user?

+1  A: 

Judging from what you've presented, you've got a couple of known facts:

  1. Every User is a Person
  2. Not every Person is a User

That being the case, I would expand the person model to include a nullable UserId field so that you can relate the User to the Person for those Persons that are also users.

Now I'm also going to assume that you have several "Fetch" methods in the person model.. to retrieve a person by ID, Name, Department, etc...

I would overload (or create a different) fetch method to also retrieve the person object from a User as well (this can be either an id, or the foll user object).

public IPerson Fetch(IUser user) {}

Of course, since you have the known fact that every user is also a person, I personally see no harm nor foul in expanding the user object to include a person property...

public interface IUser 
{
   ...
   IPerson Person { get; set; }
}

Then, you can return the user object as always.. and perhaps do some funky lazy loading of the person field in the user... or populate both when you fetch the user object.

I'm not sure if creating a "mapping" table of User <-> Person is going to garner you much of anything beyond what I've outlined above (although you will get kudo's from the hardcore DBA's for denormalizing your data).. to me it's just an extra table to join to to get the same effect.

datacop  2009-05-07 12:46:36
I won't do it that way, but thanks for your input. I've decoupled my User from my Person model, both inside the domain model, and in my database. Accepted question since you helped me clear things up.
kitsune  2009-05-08 09:27:38
Thanks for the accept.. I would be REALLY interested in hearing how you approached this and what your final solution was. I'm a firm believer in keeping an open mind and learning as many different approaches to the same problem helps everyone to become a better engineer / architect.
datacop  2009-05-08 14:02:56

related questions

What's the best way to implement field validation using ASP.NET MVC?
How do I handle page flow in MVC (particularly asp.net)
Entity diagrams in ASP.NET MVC
How do I get rid of Home in ASP.Net MVC?
Can I generate ASP.NET MVC routes from a Sitemap?
ASP.NET Model-view-controller (MVC) - where do I start from?
user controls and asp.net mvc
ASP.Net MVC route mapping
RSS Feeds in ASP.NET MVC
Open Source Licensing Options for ASP.NET MVC Application?
Does the OutputCacheFilter in the Microsoft MVC Preview 4 actually save on action invocations?
MVC Learning Resources
Validating posted form data in the ASP.NET MVC framework
Best mock framework that can do both WebForms and MVC?
Use the routing engine for form submissions in ASP.NET MVC Preview 4
How do you get a custom id to render using HtmlHelper in MVC
MVC Preview 4 - No route in the route table matches the supplied values.
Is there a way to include a fragment identifier when using Asp.Net MVC ActionLink, RedirectToAction, etc. ?
In ASP.NET MVC I encounter an incorrect type error when rendering a user control with the correct typed object
ASP.NET MVC - Is it worth it yet?
Multiple languages in an ASP.NET MVC application?
Is it better to create Model classes, or just stick with generic database utility class?
ASP.NET MVC Without Visual Studio
ASP.NET MVC "CRUD" Database Sample
How to RedirectToAction in ASP.NET MVC without losing request data