Home/ Questions/Q 8864915
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T16:22:19+00:00

First off: ASP.NET Web Application project with SQL Server 2008 I have inherited an

  • 0

First off: ASP.NET Web Application project with SQL Server 2008

I have inherited an ancient DB with a table called Security that stores user accounts. The columns are:

ID, name, user_name, password, and access_level.

access_level holds an integer value of 1 to 3 specifying access to certain parts of the web app. These range from 1 = user, 2 = power user, 3 = admin. I will need some users to view some info, hide it for others, and make it viewable+editable for others according to this access level.

I am familiar with older ASP.NET so I am new to the provider model. From what I have read so far I can:

1) create a custom MembershipProvider and RoleProvider and use those

2) create my own login system using hidden text fields to persist data

What is the best way to implement this? I started writing a custom MembershipProvider but it seems overkill for such a simple schema. There has to be a simpler method to implement this. Any suggestions or clarifications are welcome.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If you do not need to restrict pages based on the authorized roles, you can simply use

    // After custom validation
FormsAuthentication.SetAuthCookie(username, false);

    However, if you want to restrict pages based on the authorized role (in web.config), I’ll suggest to implement Custom MembershipProvider and RoleProvider.

    You just need to override the following methods.

    MembershipProvider 

    public override bool ValidateUser(string username, string password)

public override MembershipUser GetUser(string username, bool userIsOnline)

    RoleProvider

    public override bool IsUserInRole(string username, string roleName)

public override string[] GetRolesForUser(string username)
    • 0