DotNetNuke与MemberShip的结合(五年版)

24画生有一篇同名文章(http://www.cnblogs.com/esshs/archive/2006/07/13/449888.html),但他只是列一下数据库表与字段,并没有展开讲述.

下面我以DNN4.5.5为源码版本站在24画生的肩旁上再展开讲述.

 

由上面三图可见,DNN系统设计中的MemberShip是完全独立于DNN其他表的,那么能不能将整个MemberShip独立放一个表中,或直接使用已经存在的MemberShip表?由于上面的表是相对独立的,没有直接关系,所以理论上是可以的.实际上可以吗?做个实验.

 在web.config中增加一个数据连接字符串.SiteSqlServer1,并且指向已经存在的MemberShip数据库ASPNETDB,其中DNN4_5_5是空数据库,即DNN并未安装,ASPNETDB是一个现存系统的MemberShip数据库.

 <connectionStrings>
    <!-- Connection String for SQL Server 2005 Express
    <add
      name="SiteSqlServer"
      connectionString="Data Source=.\SQLExpress;Integrated Security=True;User Instance=True;AttachDBFilename=|DataDirectory|Database.mdf;"
      providerName="System.Data.SqlClient" />
    -->
    <!-- Connection String for SQL Server 2000/2005 -->
    <add name="SiteSqlServer" connectionString="Data Source=(local);Initial Catalog=DNN4_5_5;User ID=sa;Password=" providerName="System.Data.SqlClient" />
    <add name="SiteSqlServer1" connectionString="Data Source=(local);Initial Catalog=ASPNETDB;User ID=sa;Password=" providerName="System.Data.SqlClient" />
  </connectionStrings>

将AspNetSqlMembershipProvider的配置connectionStringName="SiteSqlServer"改成 connectionStringName="SiteSqlServer1"如下.

    <membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="15">
      <providers>
        <clear />
        <!-- Configuration for DNNSQLMembershipProvider:
              connectionStringName="string"               Name corresponding to the entry in <connectionStrings> section where the connection string for the provider is specified
              passwordAttemptThreshold="int"              The number of failed password attempts, or failed password answer attempts that are allowed before locking out a user?s account
              passwordAttemptWindow="int"                 The time window, in minutes, during which failed password attempts and failed password answer attempts are tracked
              enablePasswordRetrieval="[true|false]"      Should the provider support password retrievals
              enablePasswordReset="[true|false]"          Should the provider support password resets
              requiresQuestionAndAnswer="[true|false]"    Should the provider require Q & A
                    minRequiredPasswordLength="int"                  The minimum password length
                    minRequiredNonalphanumericCharacters="int"  The minimum number of non-alphanumeric characters
              applicationName="string"                    Optional string to identity the application: defaults to Application Metabase path
              requiresUniqueEmail="[true|false]"          Should the provider require a unique email to be specified
              passwordFormat="[Clear|Hashed|Encrypted]"   Storage format for the password: Hashed (SHA1), Clear or Encrypted (Triple-DES)
              description="string"                        Description of what the provider does
        -->
        <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="SiteSqlServer1" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" requiresUniqueEmail="false" passwordFormat="Encrypted" applicationName="/" description="Stores and retrieves membership data from the local Microsoft SQL Server database" />
      </providers>
    </membership>

这样运行的结果是:

DNN成功安装,DNN4_5_5数据库中有MemberShip的所有表,但是里面全为空,host,admin的帐号在ASPNETDB的MemberShip表中,用host,admin帐号登录成功.DNN运行一切正常.

这面意味着:DNN可以很方便地与其他同样以MemberShip为身份验证的系统整合.

再分析相关代码:

举例: 删除用户方法

Public Overrides Function DeleteUser(ByVal user As UserInfo) As Boolean

    Dim retValue As Boolean = True
    Dim dr As IDataReader

    Try
        dr = dataProvider.GetRolesByUser(user.UserID, user.PortalID)
        While dr.Read
            dataProvider.DeleteUserRole(user.UserID, Convert.ToInt32(dr("RoleId")))
        End While
        dr.Close()

        'check if user exists in any other portal
        dr = dataProvider.GetUserByUsername(-1, user.Username)
        dr.Read()
        If Not dr.Read Then
            dataProvider.DeleteUser(user.UserID) ' 删除dnn_User表中的用户记录

            'Delete AspNet MemrshipUser
            retValue = DeleteMembershipUser(user)  '删除Membership表中的用户记录(至于Membership相关表在哪里,在这里是透明的,DNN并不在意他在哪里.)
        Else
            dataProvider.DeleteUserPortal(user.UserID, user.PortalID)
        End If
        dr.Close()
    Catch ex As Exception
        retValue = False
    End Try

    Return retValue

End Function

Private Function DeleteMembershipUser(ByVal user As UserInfo) As Boolean
    Dim retValue As Boolean = True
    Try

'删除Membership表中的用户记录(至于Membership相关表在哪里,在这里是透明的,DNN并不在意他在哪里.)
        AspNetSecurity.Membership.DeleteUser(user.Username, True)
    Catch ex As Exception
        retValue = False
    End Try
    Return retValue
End Function

我比较喜欢这样的设计,因为这样,不管多少系统,只要基于MemberShip就可以很方便地整合在一起.实现单点登陆.