Great answer! :-)
On Apr 21, 2:33 pm, CallMeLaNN <[email protected]> wrote: > masterslave, > > What Brandon says is correct and Claudio is not actually practical in > your case. > I think so because role is more simple and provide the way what you > want. > > Using different membership makes you more in trouble because you need > to define 2 membership while you may not sure about it I guess. I also > not use it before. I think it is used when developer want to provide > access the same restricted area (Eg: Admin pages) but using different > authentication (Eg: 1 from local registered user, 2 from other web > user). > > You need to study about ASP.NET Roles. Its alive since .NET 2.0. > > Like this: > > 1. you need to define who is in what role. Let say you is Admin (or > more as SuperPower). A is just a user but you want to give access to > Admin. B is just a user. > > 2. So you need to define 2 role: Admin and User. > Admin can access Admin area while User can access E-Commerce area. > > 3. Put all Admin pages in an Admin folder and do the same for e- > commerce area. > > 4. Create access rule for Admin folder is Admin and e-commerce folder > is User. This will create web.config inside the folders. Now, ASP.NET > will only give an access for logged in user and correct role. > > 5. When A registered, A still normal user. so you need to go to Admin > area to assign A as Admin (you need to create the page). Do the same > for B. > > 6. To make more interesting as you want, when user successfully logged > in, you need to redirect to specific area based on its role. It just a > simple code managed in ASP.NET but Im not remember right now. > > 7. Do more friendly by using your own SiteMap that you define the web > pages hierarchy, each Admin and e-commerce tree (page) need to define > the role. So that when Admin user can see only Admin menu and same > thing with e-commerce. This is only menu visibility. > > Note that when e-commerce user trying to access Admin area by editing > in browser address bar, they will redirected to login page. This is > because you already define the folder permission in step 4. > > If you want to seperate the login page also can. Admin login page you > need to check whether the user is Admin, if yes, redirect to admin > area, if no, show message the user is not Admin. Do the same for e- > commerce user. > > In more advance, you may define 4 roles, SuperPower, Admin, ECommerce > and User. > > SuperPower is only you, it is subset of all Admin, ECommerce and User > role so that you can access all. > Admin only can minister the web, also assign Admin/ECommerce role to > normal user. > ECommerce is just for E-commere user only. > User is normal registered user. > > Other thing, you can assign one user more than one role. > > ASP.NET is powerfull, I think thats all. >
