masterslave, What Brandon says is correct and Claudio is not actually practical in your case. I think so because role is more simple and provide the way what you want.
Using different membership makes you more in trouble because you need to define 2 membership while you may not sure about it I guess. I also not use it before. I think it is used when developer want to provide access the same restricted area (Eg: Admin pages) but using different authentication (Eg: 1 from local registered user, 2 from other web user). You need to study about ASP.NET Roles. Its alive since .NET 2.0. Like this: 1. you need to define who is in what role. Let say you is Admin (or more as SuperPower). A is just a user but you want to give access to Admin. B is just a user. 2. So you need to define 2 role: Admin and User. Admin can access Admin area while User can access E-Commerce area. 3. Put all Admin pages in an Admin folder and do the same for e- commerce area. 4. Create access rule for Admin folder is Admin and e-commerce folder is User. This will create web.config inside the folders. Now, ASP.NET will only give an access for logged in user and correct role. 5. When A registered, A still normal user. so you need to go to Admin area to assign A as Admin (you need to create the page). Do the same for B. 6. To make more interesting as you want, when user successfully logged in, you need to redirect to specific area based on its role. It just a simple code managed in ASP.NET but Im not remember right now. 7. Do more friendly by using your own SiteMap that you define the web pages hierarchy, each Admin and e-commerce tree (page) need to define the role. So that when Admin user can see only Admin menu and same thing with e-commerce. This is only menu visibility. Note that when e-commerce user trying to access Admin area by editing in browser address bar, they will redirected to login page. This is because you already define the folder permission in step 4. If you want to seperate the login page also can. Admin login page you need to check whether the user is Admin, if yes, redirect to admin area, if no, show message the user is not Admin. Do the same for e- commerce user. In more advance, you may define 4 roles, SuperPower, Admin, ECommerce and User. SuperPower is only you, it is subset of all Admin, ECommerce and User role so that you can access all. Admin only can minister the web, also assign Admin/ECommerce role to normal user. ECommerce is just for E-commere user only. User is normal registered user. Other thing, you can assign one user more than one role. ASP.NET is powerfull, I think thats all. On Apr 20, 12:11 pm, masterslave <[email protected]> wrote: > Hey! > > I'm using ASP.NET 3.5 and need to create two login pages to control > access of users who are logged in to use e-commerce functionality as > well as admin users that need to go in and maintain the content. The > reason why I'd like to use two login pages in because they're > effectively accessing two different areas and I actually need to > validate login details from two different databases - main one for e- > commerce users and another one for admin users. Currently, > > <authentication mode="Forms"> > <forms name="OclCOMMERCE.AUTH" cookieless="AutoDetect" loginUrl="~/ > Login.aspx" protection="All" timeout="43200" path="/" > requireSSL="false" slidingExpiration="true" defaultUrl="~/ > default.aspx" enableCrossAppRedirects="false"/> > </authentication> > <anonymousIdentification enabled="true"/> > <authorization> > <allow users="*"/> > </authorization> > > Any advice much appreciated!!
