开发者

ASP.NET Membership vs SQL Authentication

开发者 https://www.devze.com 2022-12-28 04:06 出处:网络
For ASP.NET MVC extranet applications, what are the pros开发者_运维技巧 and cons of using SQL Authentication instead of the ASP.NET Membership API to handle security?Gern, you are describing aspects o

For ASP.NET MVC extranet applications, what are the pros开发者_运维技巧 and cons of using SQL Authentication instead of the ASP.NET Membership API to handle security?


Gern, you are describing aspects of the same framework.

The asp.net provider stack is an abstract service layer that 'provides' common services to your applications.

The built in Sql providers are simply implementations that use Sql server as a backing store. The MVC framework and scaffolding provide all of the necessary adapters for using the default Sql providers.

If the built-in asp.net sql providers provide the functionality you require then the pro is that all the work is done.

Not sure what a con would be.

In regards to the possibility that you want to compare using Sql providers vs AD providers:

The AD/Token based providers Active Directory for authentication and access control and the implication is that a user must have a valid account setup in the AD in order to access protected resources.

The Sql providers allow you to define arbitrary users that do not require AD accounts.

The infamous grey zone appears when you have a large AD user base that you must support but must also allow for non-AD accounts to be established. At that point you will start to explore the exquisite joy that building composite provider stacks will bring to your life while it steals your sleep. But that is a topic for another book.

HTH

0

精彩评论

暂无评论...
验证码 换一张
取 消