I'm trying to find a good standard for a database schema that will let me do a couple things. Mainly, I am writing a web app that needs to handle various types of logins: the first being the standard ASP Application Services login, the second being OpenID/OAuth logins and the third being Active Directory logins.
What's a good suggestion for a data schema that handles most of these? I plan on using DotNetOpenAuth for OAuth and OpenID. I already know how to get all of these items working individually, but I'm trying to work out a way to get them done without a hack to tie them all together.
The application also has to manage various permissions based on these users. Basically, if there is an "Admin" group, then the user, whether it's an AD account, OpenID account or Forms Auth account, can be added to the group and the application can check permissions either at a page or method level (using MVC).
Open to Suggestions?
EDIT: Since I'm not getting any suggestions, I'll try to clarify. Basically, if I get an Identifier (say it's either an OpenID user key, OAuth user key or AD domain/user), how can I tie this to a standard ASP Membership Provider profile/user? Should I create a new Membership User with a random password and link the OpenID/OAuth/AD account to the profile via properties?
Basically, I'm looking for something similar to this site. User logs in via something, a profile gets created, that something is stored so we know what it is. Essentially I just need an idea how to get all these authentication methods to work together.
Thanks!
Figured I'll try to explain what I did to resolve this issue.
First, I decided to ditch the standard ASP Sql Services tables. For this I created my own User, AuthenticationServices and AuthenticationServicesUsers tables.
The User table is pretty much the "asp_Users and asp_Membership" tables combined. The AuthenticationServices table is a list where I plan on putting information containing the Authentication Services I wish to use (i.e. Facebook, MySpace, MyOpenId, Google, etc...).
Since I wanted users to link as many services as they wanted to their accounts, I set up a third table, AuthenticationServicesUsers, where I store the UserId and AuthenticationServiceId.
Since this implementation won't work with the standard SqlMembershipProvider, I went ahead and started coding my own custom membership provider. Here I extended the functionality to accept various methods, such as a CreateUser method that lets me pass in no password information and instead an Identifier that I get back from the service.
This is where I am at now, and am debugging through atm. I have a few issues relating users to MembershipUsers, but as soon as I can figure that out I think I'll be set.
Thanks for your reply though!
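A sketch of the three-table layout described in the answer above, added here as an example and not the poster's own code. It uses SQLite from Python as a stand-in for SQL Server and a custom membership provider; the column names, the `Identifier` column on the link table and all function names are assumptions.

```python
import sqlite3

# Column layout is assumed; the answer names only the three tables.
SCHEMA = """
CREATE TABLE Users (
    UserId       INTEGER PRIMARY KEY,
    UserName     TEXT NOT NULL UNIQUE,
    PasswordHash TEXT  -- NULL when the account has only external logins
);
CREATE TABLE AuthenticationServices (
    AuthenticationServiceId INTEGER PRIMARY KEY,
    Name TEXT NOT NULL UNIQUE
);
CREATE TABLE AuthenticationServicesUsers (
    UserId INTEGER NOT NULL REFERENCES Users(UserId),
    AuthenticationServiceId INTEGER NOT NULL
        REFERENCES AuthenticationServices(AuthenticationServiceId),
    Identifier TEXT NOT NULL,  -- OpenID/OAuth user key or AD domain/user
    UNIQUE (AuthenticationServiceId, Identifier)  -- one identity, one user
);
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # SQLite enforces FKs only when asked
    db.executescript(SCHEMA)
    return db

def add_service(db, name):
    with db:  # commit on success
        return db.execute("INSERT INTO AuthenticationServices (Name) VALUES (?)",
                          (name,)).lastrowid

def link_identity(db, user_id, service_id, identifier):
    """Attach another external login; a duplicate raises IntegrityError."""
    with db:
        db.execute("INSERT INTO AuthenticationServicesUsers VALUES (?, ?, ?)",
                   (user_id, service_id, identifier))

def create_user(db, user_name, service_id, identifier):
    """Create a password-less user and its first link in one transaction."""
    with db:  # rolls back the Users row if the link insert fails
        user_id = db.execute("INSERT INTO Users (UserName) VALUES (?)",
                             (user_name,)).lastrowid
        db.execute("INSERT INTO AuthenticationServicesUsers VALUES (?, ?, ?)",
                   (user_id, service_id, identifier))
    return user_id

def resolve_user(db, service_id, identifier):
    """Return the UserId for (service, identifier), or None."""
    row = db.execute("SELECT UserId FROM AuthenticationServicesUsers "
                     "WHERE AuthenticationServiceId = ? AND Identifier = ?",
                     (service_id, identifier)).fetchone()
    return row[0] if row else None
```

The lookup is keyed on the service and the identifier together, so an identifier string issued by one provider never resolves an account linked through another, and the unique constraint stops the same external identity from being attached to a second user.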