security - ASP.NET Membership.CreateUser appears to create multiple user records -


bottom line front

should seeing multiple user records in aspnet_users each user mapping each of applications specified in aspnet_applications table?

the situation

i have web application using asp.net forms security. having created number of users, decided take in aspapplicationservices database specified provider. in aspnet_applications table there 2 application records ("/", , "/myappnamehere") each unique application id.

in aspnet_users table, noticed have twice many users expected. 1 each both applications (i.e. each user has record specifying id of "/" , "/myappnamehere" application records).

is way supposed work? have looked , have found no mention of activity, or whether design , might for. if design have conclude changes in user information propagated of matching user recods, not "root" or other.

note: these users created both through application (using membership.create()) , through configuration mini-app (security->create user).

web.config

<rolemanager enabled="true">   <providers>     <clear />     <add applicationname="/" name="aspnetsqlroleprovider" type="system.web.security.sqlroleprovider" connectionstringname="applicationservices"  />     <add applicationname="/" name="aspnetwindowstokenroleprovider" type="system.web.security.windowstokenroleprovider" />   </providers> </rolemanager>

the reason have different application names in membership provider , role manager provider.

you set application name of membership provider "/myappnamehere". didn't set application name of role manager provider. default uses applicationvirtualpath documented in http://msdn.microsoft.com/en-us/library/system.web.security.roleprovider.applicationname.aspx. virtual path of web site ("/" in many cases).

as result, when call membership.createuser(), creates 2 records in aspnet_users. 1 membership application id , 1 role provider's application id. 2 records have same user name have different user ids (one each application id).

the call creates 1 record in aspnet_membership table (application id, userid, password etc). applicatin id , user id record corresponding membership provider's application name, i.e., "/myappnamehere".

when create user role using call such roles.adduserrole(), create record in aspnet_usersinroles uses user id corresponding application id of role manager provider.

i couldn't find official document http://weblogs.asp.net/gurusarkar/archive/2010/01/09/asp-net-mebership-creates-two-users-in-aspnet-users-table.aspx has explanation. this diagram helps understand table relationships.


Comments

Post a Comment

Popular posts from this blog

java - Play! framework 2.0: How to display multiple image? -

i need display gallery of photos. here template: @(photos: list[photo]) @title = { <bold>gallery</bold> } @main(title,"photo"){ <ul class="thumbnails"> @for(photo <- photos) { <li class="span3"> <a href="#" class="thumbnail"> <img src="@photo.path" alt=""> </a> </li> } </ul> } and here controller method: public static result getphotos() { return ok(views.html.photo.gallery.render(photo.get())); } and here photo bean : @entity public class photo extends model { @id public long id; @required public string label; public string path; public photo(string path, string label) { this.path = path; this.label = label; } private static finder<long, photo> find = new finder<long, photo>( long.class, photo.class); public static list<phot...
Read more

jquery - Invalid Assignment Left-Hand Side -

i trying assign class tag via jquery, resulting in error through firebug says "invalid assignment left-hand side" on fourth line below. <cfoutput> $('.pngfix a').each(function(index) { var hreflink = $(this).attr("href"); if (hreflink.tolowercase() = '../audio.cfm') { $(this).addclass('audioimg'); } }); </cfoutput> looking around online, looks syntax problem, don't seem see it... any tips? thanks if (hreflink.tolowercase() = '../audio.cfm') that attempts assign value, rather check equality. change = operator == .
Read more

gmail - Is there any documentation for read-only access to the Google Contacts API? -

i want read-only access user's google contacts. there stackoverflow member wanted this, , received following answer : yes, there is, use https://www.googleapis.com/auth/contacts.readonly scope , "view contacts". this exchange reference read-only access google contacts can find using google. simply using access token obtained attempt read usual google contacts api (i.e. https://www.google.com/m8/feeds ) fails insufficient permissions. similarly, using google contacts api on new target fails 404 errors (for example https://www.googleapis.com/auth/contacts.readonly/default/full ). is there documentation anywhere on how use api, or permissible way access google contacts api full read-write access?
Read more