Using of Membership Provider out of ASP.NET

Damir Dobric Posts

Next talks:



Follow me on Twitter: #ddobric




Using of Membership Provider out of ASP.NET

Problem Description

The Membership provider pattern build in ASP.NET frameworks is definitely an important evolution step of ASP.NET. However the current design of this functionality has a big disadvantage.

Imagine you write one big application. In such projects it is mostly required to implement many requirements in separated assemblies. This is good strategy because of many reasons like increasing of code re-usability, more flexible security, possibly easier deployment etc. Additionally, this allows you to decide later what kind of application should host your functionality implemented in separated DLL.

The separated assembly bundles most important functionalities of your application. One of them is definitely security too. 

Unfortunately, the ASP.NET’s Membership Provider-security mechanism is by design the part of ASP.NET not the part of .NET. This means that some windows-forms or console-application, which hosts your separated assembly, is strictly dependent on ASP.NET.

Following example shows what to do to be able to integrate Membership-security of ASP.NET in the application of any type.



 Because, the Membership-security is implemented in the System.Web.Dll it is required to reference your application (none ASP.NET application) to that assembly.

After the reference is added, open the app.config file of your application and insert new ‘configuration’ with the ‘system.web’ node as shown in the next example.

The example shows how to register custom Membership and Role providers in the none-ASP.NET application.

Notice that the type property of both providers specifies also the assembly name of the custom provider.

By using of default ASP.NET providers this value is usually not specified. In that case ASP.NET assumes that the implementation of the provider is in the assembly System.Web.dll.

<?xml version="1.0" encoding="utf-8" ?>
Contains all ASP.NET settings required by providers -->
This entry activates Membership Provider -->
membership defaultProvider="MyCustomMembershipProvider ">



        <add name="MyCustomMembershipProvider"

type="MyCustomMembershipProvider, MyCustomAssembly" applicationName="AppName" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" requiresUniqueEmail="true" passwordFormat="Hashed"/>




      <!-- This entry activates Role Provider -->
roleManager enabled="true" cacheRolesInCookie="true"                         defaultProvider="MyCustomRoleProvider" >

add name="MyCustomRoleProvider"
=" MyCustomRoleProvider, MyCustomAssembly"    






Damir Dobric

Posted Mar 06 2006, 10:38 PM by Damir Dobric
Filed under: is a .Net Community Blog powered by daenet GmbH.