Accessing Login info

[Ryan]

I have a SQLDataSource I want to tie to the currently logged in user. Is
there any way to use User.Identity().Name as a Parameter in the datasource?
The only way I've got this to work is by creating a label (label1) and
OnInit() setting label1.text = User.Identity().Name. Then I can set the
SQLDataSource parameter to the value of the control, label1.

Thanks,
Ryan

 

[Jim Wooley]

Can you use intergated authentication with the SQL server and avoid the need
to pass the username/password in plain text. You would also reduce your user
maintenance on the SQL server by using the domain's role authentication.
Jim Wooley
http://devauthority.com/blogs/jwooley/default.aspx

 

[Ryan]

Jim,

I'm using a SQL Membership and SQL RoleProvider to authenticate the user (VS
2005). These are Internet (not LAN) users so not sure how I would use
integrated authentication. The user is already authenticated by the time
they get to this page I just need some way for my SQLdatasource to know who
the currently logged in user is. The only way I've found to attain the user
information is by using User.Identity().Name. If theres another way I'd be
glad to hear of it.

Thanks,
Ryan

 

[Luke Zhang [MSFT]]

Hello Ryan,

To set parameter source for a SQLDataSource, we can select : Cookie,
control, form , session, profile and querystring. So creating a label
(label1) and
OnInit() setting label1.text = User.Identity.Name is a property solution.
You also can set a session value as User.Identity.Name, and use this
session value in SQLDataSource. And User.Identity.Name is just the right
wat to get User Name when you use SQL Membership provider.

Regards,

Luke Zhang
Microsoft Online Community Lead

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 

[Ryan]

Thanks Luke, just what I needed to know.

Since you seem to know a bit about SQL Membership I'll ask you another
question. I'm wanting to customize my membership database because theirs a
lot more information I need to store about the users (address, phone number,
etc). According to this Microsoft article it looks like the User table is
what I want to modify
http://msdn2.microsoft.com/en-us/library/ms366730(d=ide).aspx. However, I'm
a bit confused as to the purpose of the Membership table which stores what I
would think to be "user information" such as the users email address,
password, etc. Just wondering if I'm going about this the right way (modify
the user table, create a view that contains all user information from both
the user and membership table), and why this info is split into 2 tables.

Thanks,
Ryan

 

[Luke Zhang [MSFT]]

Hello Ryan,

I think it is the right article when we wants to add some customized user
properties like Address, phone.... To implement it, we need to create our
own MembershipUser and Membership provider.

For a customized Membership provider, it may access its own data store, not
the original database(aspnetdb) provided by AspNetSqlMembershipProvider.
Like the Access database in the article
(http://msdn2.microsoft.com/en-us/library/ms366730(d=ide).aspx.) Therefore,
it is not "split into 2 tables", it is a complete new table in new data
store.

For more questions on asp.net security, you may post in
microsoft.public.dotnet.framework.aspnet.security. I will work with you
there.

Thanks,

Luke Zhang
Microsoft Online Community Lead

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)