Why do they split up the users stuff into 2 tables? Like they got aspnet_ membership and aspnet_users.
为什么他们将用户分成两个表?就像他们获得aspnet_ membership和aspnet_users一样。
Is it just because the membership stuff they have is so long?
是因为他们拥有的会员资格这么久了吗?
2 个解决方案
#1
10
It's to separate identity/authentication management from membership management. The "big" user table is the actual identity repository - e.g., if you want to use SQL to store your identity data, it all goes in here. But you may want to use some other source - say, Active Directory - to be your identity repository. You validate identity and authentication against that instead, but you still need to have some way to join the SQL-based role/membership data to the AD-based identity data. That's where the smaller table comes in - just enough info to maintain those relationships.
它将身份/身份验证管理与成员资格管理分开。 “大”用户表是实际的身份库 - 例如,如果您想使用SQL来存储您的身份数据,那么这一切都在这里。但您可能希望使用其他来源(例如Active Directory)作为您的身份存储库。您可以相反地验证身份和身份验证,但仍需要某种方法将基于SQL的角色/成员资格数据加入基于AD的身份数据。这就是小桌子的用武之地 - 只需要足够的信息来维护这些关系。
#2
2
It's for securing multiple applications from a single user database; aspnet_membership has UserId and ApplicationId so each user can have a different password for multiple applications (and also be locked out of one application but not another).
它用于保护单个用户数据库中的多个应用程序; aspnet_membership具有UserId和ApplicationId,因此每个用户可以为多个应用程序使用不同的密码(也可以锁定一个应用程序而不是另一个应用程序)。
#1
10
It's to separate identity/authentication management from membership management. The "big" user table is the actual identity repository - e.g., if you want to use SQL to store your identity data, it all goes in here. But you may want to use some other source - say, Active Directory - to be your identity repository. You validate identity and authentication against that instead, but you still need to have some way to join the SQL-based role/membership data to the AD-based identity data. That's where the smaller table comes in - just enough info to maintain those relationships.
它将身份/身份验证管理与成员资格管理分开。 “大”用户表是实际的身份库 - 例如,如果您想使用SQL来存储您的身份数据,那么这一切都在这里。但您可能希望使用其他来源(例如Active Directory)作为您的身份存储库。您可以相反地验证身份和身份验证,但仍需要某种方法将基于SQL的角色/成员资格数据加入基于AD的身份数据。这就是小桌子的用武之地 - 只需要足够的信息来维护这些关系。
#2
2
It's for securing multiple applications from a single user database; aspnet_membership has UserId and ApplicationId so each user can have a different password for multiple applications (and also be locked out of one application but not another).
它用于保护单个用户数据库中的多个应用程序; aspnet_membership具有UserId和ApplicationId,因此每个用户可以为多个应用程序使用不同的密码(也可以锁定一个应用程序而不是另一个应用程序)。