Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Forms authentication question 1

Status
Not open for further replies.
dpdoug

dpdoug

Programmer
Nov 27, 2002
455
US
With forms authentication the user name and password is stored in the web.Config file. Does this mean that every time you have a new user to add, you have to manually add a new entry into your web.Config file?

It seems to me that the old way of storing user names and passwords in a database and checking a login against the database was just as efficient plus all you have to do is add a record to the database.

I don't understand the benefits behind using this kind of authentication vs database authentication.
 
Sort by date Sort by votes
It's easier to not have to connect to a DB. So if you require a limited number of usernames and passwords, web.config can be a good solution. You can 'deny' and 'allow' functionality this way, too...so a username in web.config could be the only user allowed to access files at that folder level because you can put a separate web.config with different 'allow' 'deny' permissions in any folder. Or even specify it for a specific file with the <location> element.
 
Upvote 0 Downvote
Excellent answer, organicglenn. Thanks for such a quick response! In fact, I think I may have some situations that may merit the use of this.

But the majority of cases I have to specify a certain level of access to each user, depending on the user. So I have to store the usernames in the database anyway to specify which level is correct for each user.
 
Upvote 0 Downvote
web.config does actually support roles-based authentication, too. I haven't used it but I suspect you can store the users and roles in the DB and then still set up your folder/file structure restrictions with web.config <roles> elements. I believe you need to store the roles in context.user.identity
 
Upvote 0 Downvote
The main problem with Forms Authentication is that the client must have cookies enabled for it to work. Some people prefer to block all cookies . . . why, I don't know.
I am currently designing an ASP.NET shopping cart and I'm looking for a way around that problem because using Forms Authentication makes things a lot easier.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Moregelen
  • Locked
  • Question
Domain Authentication
Replies
0
Views
888
Moregelen
Moregelen
G12Consult
  • Locked
  • Question
Forms authentication not working
Replies
4
Views
698
Rajkumarrrrr
Rajkumarrrrr
G12Consult
  • Locked
  • Question
API Question
Replies
2
Views
487
G12Consult
G12Consult
NoCoolHandle
  • Locked
  • Question
Integrate Facebook (social) logins with Forms authentication..
Replies
0
Views
298
NoCoolHandle
NoCoolHandle
WIREMESH
  • Locked
  • Question
Adding https to existing ASP.NET 2.0 web forms application
Replies
1
Views
375
jbenson001
jbenson001

Part and Inventory Search

Sponsor

Back
Top