29 Dec 2010
13 Jan 2011
Link to this post
I have to rebuild an existent web application which has its own database (employee customers products ....).
I intend to use Sitefinity to save time with design and have the content management capability.
But , I still don't know how the authentication should be implemented because I have to authenticate users for :
1- Content management : (let say website owner employee) and for this I think there is no problem to do it with Sitefinity except that all employee contact information are in the old database. Should I do link the 2
DBs (application's and Sitefinity's one) ?
2- website browsing : since there is different roles :
* admin (or employee ) : to be able to use some website functionnalities such as : editing products , editing customers, finance ...
* customer or members : to have access to customer only service (using shopping cart, editing the profiles, payment .... ) (here also all the data are in the application database)
* public : general web pages such as contact us ...
As I am really newbie in Sitefinty, I wanted to know which is the best way to do this.
1- I thought may be to add another authentication provider for the browsing part.
2- May be also I could use pages with some business logic to modify the application database (using controls : grid , formview ....) and limit the acess of the page based on the role that should see it or execute its functions (via buttons). Is that secure ?
In this case, I think I will need also to link the Sitefinity DB to the application DB to have coherent information : user (customer and employee) details, order details .... Or is it better to keep them separated and do some DTS or stored proc to update the DBs in order to have coherent data ?
Any suggestion would be appreciated