1

I've created custom membership provider and it is more convenient for me to operate on MembershipUser.ProviderUserKey rather than UserName. So, to retrieve ProviderUserKey I perform such code:

if (User.Identity.IsAuthenticated)
{
  int UserID = (int)Membership.GetUser(User.Identity.Name).ProviderUserKey;
}

However, when GetUser() method is executed, user data must be retrieved from database and this is bugging me. This is unnecessery waste of server time, no matter how short this time is, I would like to avoid it.

Is there any other way to get ProviderUserKey in a more convenient way, like in User.Identity.Name case?

I would like to hear your ideas. How do you solve this problem on your webpages?.

Thanks.

Wodzu
  • 6,932
  • 10
  • 65
  • 105

2 Answers2

5

The Membership API is hitting the database because it is the only place this information is stored. User.Identity.Name is fetching the logged username from a cookie which is sent at every request. You could implement a custom generic principal and store the necessary information into the userData part of the authentication ticket which is encrypted in the cookie. Here's an article which covers this topic.

Darin Dimitrov
  • 1,023,142
  • 271
  • 3,287
  • 2,928
  • Thanks, could you point me to some relevant information how to do this? All I've found concerns .NET 1.1 and I would like to do this in 3.5 version of the framework. – Wodzu Nov 18 '10 at 11:10
  • Here's [an article](http://www.xoc.net/works/tips/forms-authentication.asp) which illustrates how to use a GenericPrincipal and store additional information in the cookie. The idea is to replace HttpContext.Current.User with this custom principal so that it is accessible everywhere. – Darin Dimitrov Nov 18 '10 at 11:12
  • Thanks, but as far as I understand this example is based on making own loign controls. I would have to override the standard behaviour...What if I am using standard login controls. Can't I extend some class to expose one more property to reffer it later in my application in a convenient way? – Wodzu Nov 18 '10 at 11:20
  • The login control doesn't really do much and would be easy enough to replace. Alternatively you could probably use the http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.login.authenticate.aspx event to do it. – Greg Nov 18 '10 at 14:33
3

Read ProviderUserKey from the database when they first log in and store it in the user's session collection? On subsequent requests you can just grab it from the session without going to the database.

batwad
  • 3,588
  • 1
  • 24
  • 38
  • I was thinking about the same but a more elegant way would be to extend somehow Identity class... – Wodzu Nov 18 '10 at 12:28
  • The problem with extending the Identity class is that you've got no way to make User have your identity class instead of it's own, so then you'd have to create your own IPrincipal. At that point you've got to consider that the potential problems with all of that custom code outweigh the very small performance gain. – Greg Nov 18 '10 at 14:37