The Purpose of Initialization Values
The companion article to "Add Logon Security to Your ASP.NET Website", this short article provides extra information about the security measures for ASP.NET websites.
June 30, 2011
The membership system is designed to integrate with any existing database that already contains user information. For example, if you already have a contacts list or an employee table, the WebSecurity.InitializeDatabaseConnection method lets you point to that database and to the table and columns that contain user ID and name (email) information.After you perform this step, the membership system will use that information.
That's half the story. The membership system actually makes a distinction between profile data and membership data.
Profile data is the user name and ID, plus whatever other data you have collected for your users, such as address and so on.
Membership data is the detailed security information that the membership system requires, such as password hash, last password change date, and so on. Membership data is information that's unlikely to be in the profile database table. In fact, it's data that you probably don't even want to keep in there.
This split between profile data and membership data makes it easier for ASP.NET to use your existing user database for its membership system.
Figure A shows the membership database structure.
Figure A: Simple membership database
In this example, the UserProfile table is where the profile data lives. This could instead be an Employee table or a Contacts table. The membership data is webpages_Membership. The other two tables pertain to roles.
During initialization, the membership system separately creates or opens the database that contains user data and the tables for the membership. The last thing that the system does is to establish a database-type relationship between the profile table and the membership table. At that point, the system is ready for use.
About the Author
You May Also Like