I am adding membership-related schemas to an existing database (lets call it myDatabase) following those instructions.
按照这些说明,我将向现有数据库(我们称之为myDatabase)添加与成员关系相关的模式。
As a results the number of tables, views and stored procedures are being created in myDatabase.
结果,在myDatabase中创建的表、视图和存储过程的数量。
The next step is to modify web.config for the application to use CustomizedMembershipProvider
下一步是修改web。配置应用程序以使用定制的membershipprovider
<membership defaultProvider="CustomizedMembershipProvider">
<providers>
<add name="CustomizedMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="MyDBConnectionString" />
</providers>
</membership>
Then we also need to specify the connection string like:
然后我们还需要指定连接字符串,如:
<connectionStrings>
<add name="MyDB" MyDBConnectionString ="..." />
</connectionStrings>
Here is my question:
这是我的问题:
- Should I use different connection string to the one the application uses? As is there a need to create a new user in the database with permissions related specifically to the membership objects?
- 我应该对应用程序使用的连接字符串使用不同的连接字符串吗?是否需要在数据库中创建具有特定于成员关系对象的权限的新用户?
- Once the connection string is specified with the User ID etc., do I need to grant permissions for that user for those newly created objects? Would that be for stored procedures only or also tables and views?
- 一旦用用户ID等指定了连接字符串,我是否需要为那些新创建的对象授予用户权限?这只适用于存储过程还是表和视图?
EDIT: I noticed that there was a set of roles created in the database along with the membership object. So it is a matter of assigning the user to the proper role(s). The roles are the likes of
编辑:我注意到在数据库中创建了一组角色以及成员关系对象。因此,这是一个将用户分配到适当角色的问题。角色就像
aspnet_Membership_FullAccess
aspnet_Personalization_FullAccess
etc...
So the only the first part of the question remains in place. So is there a point in creating a new database user (so separate db connection)
所以问题的第一部分仍然存在。那么创建一个新的数据库用户(也就是单独的db连接)有意义吗?
4 个解决方案
#1
2
Some good texts about Membership Provider:
一些关于会员提供者的好文章:
- Examining ASP.NET 2.0's Membership, Roles, and Profile
- 检查ASP。NET 2.0的成员、角色和概要
- Membership and Role Providers in ASP.NET 2.0 Part
- ASP中的成员和角色提供者。NET 2.0部分
#2
2
I looked it up a bit,
我查了一下,
- The standard connection can be used
- 可以使用标准连接
- In terms of permissions it looks like it is a matter of assigning the database user to the aspnet_Membership_FullAccess role (other roles if you require privileges related to them)
- 就权限而言,它看起来像是将数据库用户分配给aspnet_Membership_FullAccess角色(如果您需要与之相关的特权,则其他角色)
#3
0
- It's perfectly okay to use the same user/database as your application.
- 完全可以使用与应用程序相同的用户/数据库。
- I don't know, sorry.
- 我不知道,对不起。
#4
0
I would recommend using the same connection string for performance reasons. Using the same connection string as your application will allow more efficient connection pooling.
出于性能考虑,我建议使用相同的连接字符串。使用与应用程序相同的连接字符串将允许更有效的连接池。
#1
2
Some good texts about Membership Provider:
一些关于会员提供者的好文章:
- Examining ASP.NET 2.0's Membership, Roles, and Profile
- 检查ASP。NET 2.0的成员、角色和概要
- Membership and Role Providers in ASP.NET 2.0 Part
- ASP中的成员和角色提供者。NET 2.0部分
#2
2
I looked it up a bit,
我查了一下,
- The standard connection can be used
- 可以使用标准连接
- In terms of permissions it looks like it is a matter of assigning the database user to the aspnet_Membership_FullAccess role (other roles if you require privileges related to them)
- 就权限而言,它看起来像是将数据库用户分配给aspnet_Membership_FullAccess角色(如果您需要与之相关的特权,则其他角色)
#3
0
- It's perfectly okay to use the same user/database as your application.
- 完全可以使用与应用程序相同的用户/数据库。
- I don't know, sorry.
- 我不知道,对不起。
#4
0
I would recommend using the same connection string for performance reasons. Using the same connection string as your application will allow more efficient connection pooling.
出于性能考虑,我建议使用相同的连接字符串。使用与应用程序相同的连接字符串将允许更有效的连接池。