How to Implement Client-Project Adaptable User Authentication in Reusable Code Base

  • Thread starter Thread starter Rhett
  • Start date Start date
R

Rhett

Hello,EveryBody!

I'm troubled by a design problem, Hoping that you'll save me out!

The Situation is:

We have two project of code A and B.A is our reusable code base, B is
for specified for our client;A has user authentication but based on
client's requirements.
Like:
For client B1:user authentication has membership information of
Company,Franchise.
But For client B2:membership information change to be Department,Team.

Both A and B will access membership information specified for client;It
may sounds not true that reusable A could access client(B) specified
information.The situation is:membership information is accessed by a
key, and A is used to do configurable query, the query condition is
specified by xml, in which membership key could be used.So A need to
access membership information by key, but A doesn't truly implement
it,because it is client-specified.Currently, I add a interface in A,
implement the client-specified in B, and suppose to dynamic load the
membership provider by read provider config and using reflection.

Then, the problem is out, Because A is refrenced By B, A can't refrence
B again, so the dynamic contructor invoke by reflection Can't works.

Could U give me some suggestion, for design or other.

Thanks Very Much!
 
Rhett said:
Hello,EveryBody!

I'm troubled by a design problem, Hoping that you'll save me out!

The Situation is:

We have two project of code A and B.A is our reusable code base, B is
for specified for our client;A has user authentication but based on
client's requirements.
Like:
For client B1:user authentication has membership information of
Company,Franchise.
But For client B2:membership information change to be Department,Team.
Click to expand...

Can the database queries be done either by stored procedures, or by
parameterized queries? In that case, A won't need to know the details of the
query. It will only need to set the parameter to the database primary key,
then execute the query.

A can then either process the query results in a generic manner (for
instance, by creating a name=value pair for each column it finds in the
query results if it doesn't already know about the column. This would allow
the query to return Department and Team, and A could create a string like
"Department=Accounting,Team=Payables".

Otherwise, you can have B1 and B2 derive from A. A method like
FetchAuthenticationData in A would execute the query, process the columns
which are always returned for all clients, then call a virtual method like
ProcessClientSpecificData, passing the query results. That method could do
whatever it wanted to do with the data.

John Saunders
 
Back
Top