SA Developer .NET
Welcome to SA Developer .NET Sign in | Join | Help
in Search
Home Content Events Forums Sponsors Contact Downloads
SA Developer .NET » Development » Web - ASP.NET » user login in asp.net

user login in asp.net

Last post 07-25-2008, 10:33 by fridgi. 5 replies.
Sort Posts: Previous Next

  •  07-24-2008, 10:33 13637

    user login in asp.net

    Reply Quote

    A question for anyone that has experience in asp.net login security.

    Is it better to make use of the asp.net configuration tool for easily setting up users and use roles....or is a custom system better?

     Is the 'in-built' system scalable?

     

  •  07-24-2008, 13:59 13650 in reply to 13637

    Re: user login in asp.net

    Reply Quote

    I would say rather build your own if it is scalability you are after. It is just a pain and sometimes a mess to maintain the code around custom login systems. I think that is where the ASP.NET Security model's strength lies.

  •  07-24-2008, 14:27 13653 in reply to 13650

    Re: user login in asp.net

    Reply Quote

    yeah ... that's what I thought.

    It's probably fine for small quick developments but I doubt any major web development would make use of it. .... or am I wrong?

    Where does ASP.NET save all those users that you set up in webconfig?  Is it an XML file or ?

  •  07-24-2008, 16:34 13659 in reply to 13653

    Re: user login in asp.net

    Reply Quote

    The ASP.NET membership provider by default stores the user info in an Access file in an the \App_Data\ folder, however, you can modify this to use SQL which you should do if you're going to have a significant amount of users.

    The built in functionality can save a lot of time - e.g. you can use the built in password recovery dialogs, etc. To be honest, though, I prefer to write my own user functionality from scratch as it is more transparent.

  •  07-24-2008, 16:48 13660 in reply to 13659

    Re: user login in asp.net

    Reply Quote

    ahh ...thanks.

  •  07-25-2008, 10:33 13669 in reply to 13637

    Re: user login in asp.net

    Reply Quote
    RottenAppleMan:

    A question for anyone that has experience in asp.net login security.

    Is it better to make use of the asp.net configuration tool for easily setting up users and use roles....or is a custom system better?

     Is the 'in-built' system scalable?

    In our experience we have used the built in authentication features of Asp.Net to manage security and users. There are a number of great features that forms authentication has to offer as well as the ASP.Net membership provider but we have always found ourselves either having to work around certain issues or customize these features ourselves.

    I would say the best results we have achieved to date for website security is by creating our own custom security controls, classes and database tables which have the ability to scale and be customized by us at any stage of the project's lifecycle.

    Professional Numbskull
View as RSS news feed in XML
Powered by Community Server (Commercial Edition), by Telligent Systems