微软成员资格提供VS自定义提供VS完全定制的登录系统 [英] Microsoft Membership Provider Vs Custom Provider Vs Complete Custom Login System
问题描述
我目前正在转换一个非常老了,但工作传统的ASP网站ASP.Net。
它有一个完全自定义的书面用户管理系统。虽然它工作正常,它真正需要刷新,因为我希望它是在一些工程项目,未来更灵活。
当我问某人关于这一点,他们说:你需要使用微软提供者,介绍了微软是如何释放所有这些事情的自由和如何好他们,应该重新使用尽可能多的。讲座
我已经做了相当多的就可以了(主要是 http://asp.net/learn 看视频)的研究和我很IM $ p $通过一些功能pssed,因为似乎是说会带我的年龄写的物品拖放组件。
然而,目前的会员数据库是复杂的解释,它是有很多内部关系完全自定义的书面数据库...这是不是真的兼容使用默认微软提供。
我在采取一看我如何:创建一个自定义成员资格提供,但我觉得有点出我的舒适区,并担心它要么是缓慢的,引入安全漏洞或根本无法工作。
在这一天结束时,微软成员资格提供程序应为我工作 - 唯一的定制我真正需要的是登录用的用户名/密码字段在我的数据库和创建里面有很多定制$的用户脚本C $ C到几个第三方系统(需要到提供服务等)。
我只是想知道,你会怎么做,如果遇到类似的情况?
-
使用微软成员资格提供并以某种方式得到它为你工作(虽然我想建议)
-
使用微软成员资格提供,但使用的是在你的code定做定制提供。
-
使用您自己的完全定制的解决方案?
这是视频确实复杂的事情:)如果你要实现自定义的供应商,然后反射在现有的一个是良好的开端:)
作为一个快速和肮脏的选项,你可以,当然,破解了SQL成员资格提供者使用,但自code到提供服务的存储过程可能是拉伸了。
如果你仔细想想服务的远程配置不成员资格提供真正属于,它不是一个真正的隶属函数 - 所有成员所做的是提供他们周围的用户名和密码和验证。我自己的感觉是,你应该将服务的配置离开那里,和用户创建后对ASP.NET站点执行它 - 即使那只是调用存储过程,一旦成员提供做它的事。如果你这样做,你可能会发现SQL成员资格提供程序会做一切你需要它(可能与角色和放大器;型材供应商太)!,这样的话你有办法少code写的
I am currently converting a very old, but working classic ASP site to ASP.Net.
It has a completely custom written user management system. Whilst it works fine, it really needs a refresh as I want it to be more flexible for some future projects in the works.
When I asked someone about this, they said "You need to use the Microsoft Provider" and gave a lecture on how Microsoft release all these things for free and how good they are and should be re used as much as possible.
I have done quite a bit of research on it (mainly looking at the videos on http://asp.net/learn ) and am very impressed by some of the features as there appears to be drag and drop components for items that would take me ages to write.
However, the current membership database is complicated to explain, it is a completely custom written database that has many internal relations... It is not really "compatible" with the default Microsoft Provider.
I have taken a look at How Do I: Create a Custom Membership Provider?, but I feel a little out of my comfort zone and worried it will either be slow, introduce a security hole or simply won't work.
At the end of the day, the Microsoft Membership Provider should work for me - the only customisations I really need is the login to use the username/password field in my database and the create user script which has a lot of custom code to several third party systems (needing to provision services etc.).
I was just wondering, what would you do if faced with a similar situation?
Use the Microsoft Membership Provider and somehow get it to work for you (although I would like suggestions)
Use the Microsoft Membership Provider but use custom provider that is customised around your code.
Use your own completely customised solution?
That video does complicate things :) If you're going to implement a custom provider then reflector over the existing one is a good place to start :)
As a quick and dirty option you could, of course, hack the stored procedures that the SQL Membership provider uses but the custom code to provision services is probably stretching that.
If you think about it the remote provisioning of services doesn't really belong in a membership provider, it's not really a membership function - all membership does is provide usernames and passwords and authentication around them. My own feeling is that you should move the provisioning of services out of there, and perform it on the ASP.NET site after a user has been created - even if that's just calling a stored procedure once the membership provider has done its thing. If you do this you may find that the SQL membership provider will do everything you need it to (probably with the Roles & profile providers too), and thus you have way less code to write!
这篇关于微软成员资格提供VS自定义提供VS完全定制的登录系统的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
