24画生有一篇同名文章(http://www.cnblogs.com/esshs/archive/2006/07/13/449888.html),但他只是列一下数据库表与字段,并没有展开讲述.
下面我以DNN4.5.5为源码版本站在24画生的肩旁上再展开讲述.
由上面三图可见,DNN系统设计中的MemberShip是完全独立于DNN其他表的,那么能不能将整个MemberShip独立放一个表中,或直接使用已经存在的MemberShip表?由于上面的表是相对独立的,没有直接关系,所以理论上是可以的.实际上可以吗?做个实验.
在web.config中增加一个数据连接字符串.SiteSqlServer1,并且指向已经存在的MemberShip数据库ASPNETDB,其中DNN4_5_5是空数据库,即DNN并未安装,ASPNETDB是一个现存系统的MemberShip数据库.
<connectionStrings>
<!-- Connection String for SQL Server 2005 Express
<add
name="SiteSqlServer"
connectionString="Data Source=.\SQLExpress;Integrated Security=True;User Instance=True;AttachDBFilename=|DataDirectory|Database.mdf;"
providerName="System.Data.SqlClient" />
-->
<!-- Connection String for SQL Server 2000/2005 -->
<add name="SiteSqlServer" connectionString="Data Source=(local);Initial Catalog=DNN4_5_5;User ID=sa;Password=" providerName="System.Data.SqlClient" />
<add name="SiteSqlServer1" connectionString="Data Source=(local);Initial Catalog=ASPNETDB;User ID=sa;Password=" providerName="System.Data.SqlClient" />
</connectionStrings>
将AspNetSqlMembershipProvider的配置connectionStringName="SiteSqlServer"改成 connectionStringName="SiteSqlServer1"如下.
<membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear />
<!-- Configuration for DNNSQLMembershipProvider:
connectionStringName="string" Name corresponding to the entry in <connectionStrings> section where the connection string for the provider is specified
passwordAttemptThreshold="int" The number of failed password attempts, or failed password answer attempts that are allowed before locking out a user?s account
passwordAttemptWindow="int" The time window, in minutes, during which failed password attempts and failed password answer attempts are tracked
enablePasswordRetrieval="[true|false]" Should the provider support password retrievals
enablePasswordReset="[true|false]" Should the provider support password resets
requiresQuestionAndAnswer="[true|false]" Should the provider require Q & A
minRequiredPasswordLength="int" The minimum password length
minRequiredNonalphanumericCharacters="int" The minimum number of non-alphanumeric characters
applicationName="string" Optional string to identity the application: defaults to Application Metabase path
requiresUniqueEmail="[true|false]" Should the provider require a unique email to be specified
passwordFormat="[Clear|Hashed|Encrypted]" Storage format for the password: Hashed (SHA1), Clear or Encrypted (Triple-DES)
description="string" Description of what the provider does
-->
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="SiteSqlServer1" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" requiresUniqueEmail="false" passwordFormat="Encrypted" applicationName="/" description="Stores and retrieves membership data from the local Microsoft SQL Server database" />
</providers>
</membership>
这样运行的结果是:
DNN成功安装,DNN4_5_5数据库中有MemberShip的所有表,但是里面全为空,host,admin的帐号在ASPNETDB的MemberShip表中,用host,admin帐号登录成功.DNN运行一切正常.
这面意味着:DNN可以很方便地与其他同样以MemberShip为身份验证的系统整合.
再分析相关代码:
举例: 删除用户方法
Public Overrides Function DeleteUser(ByVal user As UserInfo) As Boolean
Dim retValue As Boolean = True
Dim dr As IDataReader
Try
dr = dataProvider.GetRolesByUser(user.UserID, user.PortalID)
While dr.Read
dataProvider.DeleteUserRole(user.UserID, Convert.ToInt32(dr("RoleId")))
End While
dr.Close()
'check if user exists in any other portal
dr = dataProvider.GetUserByUsername(-1, user.Username)
dr.Read()
If Not dr.Read Then
dataProvider.DeleteUser(user.UserID) ' 删除dnn_User表中的用户记录
'Delete AspNet MemrshipUser
retValue = DeleteMembershipUser(user) '删除Membership表中的用户记录(至于Membership相关表在哪里,在这里是透明的,DNN并不在意他在哪里.)
Else
dataProvider.DeleteUserPortal(user.UserID, user.PortalID)
End If
dr.Close()
Catch ex As Exception
retValue = False
End Try
Return retValue
End Function
Private Function DeleteMembershipUser(ByVal user As UserInfo) As Boolean
Dim retValue As Boolean = True
Try
'删除Membership表中的用户记录(至于Membership相关表在哪里,在这里是透明的,DNN并不在意他在哪里.)
AspNetSecurity.Membership.DeleteUser(user.Username, True)
Catch ex As Exception
retValue = False
End Try
Return retValue
End Function
我比较喜欢这样的设计,因为这样,不管多少系统,只要基于MemberShip就可以很方便地整合在一起.实现单点登陆.