Adding additional linked membership provider in asp.net

0
votes

I work on an asp.net (hybrid webforms + mvc4) application that provides videos of expert speakers to employees at various organizations. I currently use asp.net membership to authenticate users based on the company they work for (each company has a login), set roles to determine what videos they have access to, and build reports etc.

However, my company wants to begin adding login for individual users as well. Rewriting our entire membership system would essentially mean rebuilding a large portion of the site -- instead I was thinking of adding another membership provider for individuals that would map to the membership provider we already have for organizations. What I am envisioning is a the following

1)The user logs on with their username and password using the individual membership framework

2)The application maps the user to the corresponding member in the original (company) membership framework, and automatically authenticates the user for that membership (invisible to the user) where it assigns the correct roles etc based on the organizatiom the user belongs to. Essentially this second membership would be almost a layer on top of the original.

I was considering building extended tables for individual users in SQL Server that would map to the current company members that we have -- however, I would prefer to user another membership provider for the individual users that maps to the original membership provider, as this would save writing all the CRUD code, forgot password and api that comes with a membership framework. I'm just wondering whether this is possible, or what the best practice would be in this case.

1
asp.netasp.net-membershipmembership-provider
Is this an ASP.NET Web-forms or ASP.NET MVC3+ Razor application ? If you have a separate log-in and membership provider for each single organization then the first question would be "Which one of those organizations would be mapped to your Individuals ?" and it would be more helpful if you provide some codes and examples to clarify your question. - Ali
I edited the above question to provide more clarity as to my intentions. In terms of code, I am currently using the standard asp.net Membership API, however I am looking for advice on the viablity of the overall architecture, rather than a response at the code level - Daryl1976

1 Answers

0
votes

My understanding of your requirements is you basically need to combine all of your membership providers into one individual (to use only one Log-in for all users) and take the advantage of your existing implementation of your current membership-providers.

Based on your requirements I think you could use a customized log-in view and map the right membership provider at the time of user authentication process.

To clarify my assumption, lets say you have these two existing providers on your project solution:

<membership>
  <providers>
    <clear/>
    <add name="Organization1" type="MvcApplication.Organization1" />
    <add name="Organization2" type="MvcApplication.Organization2" />
    ....

And you will switch and save the right provider if the user is valid.

public ActionResult LogOn(LogOnModel model, string returnUrl)
{
  if (ModelState.IsValid)
  {
      var membershipProvider1 = Membership.Providers["Organization1"];
      if (membershipProvider1.ValidateUser(model.UserName, model.Password))
      {
         // save this provider on server memory while user's logged-in
         return Redirect(returnUrl);
      }

      var membershipProvider2 = Membership.Providers["Organization2"];
      if (membershipProvider2.ValidateUser(model.UserName, model.Password))
      {
         // save this provider on server memory while user's logged-in
         return Redirect(returnUrl);
      }

      ModelState.AddModelError("", "The user name or password provided is incorrect.");
      return View(model);
  }
}

This might not be exactly what you want but with a bit of modification it may help you with the solution that you are aiming for.