0

I use ASP.NET Identity 2.0 in an ASP.NET MVC5 project that is composed of three layers; Web application (presentation layer), Unit Test (test project) and Class library (data layer). Normally IdentityConfig.cs is located in the App_Start folder of Web application but as I implement a Group-Based Permissions Management as indicated on this page I want to keep all the domain models and IdentityConfig.cs file to the Identity folder in data layer project instead of the web project (presentation layer). Because IdentityConfig.cs needs to access DbContext class that is placed in my data layer project. Is there any problem doing this? On the other hand, could you please explain a little bit what is the App_Start folder?

Here is the ASP.NET Identity folder structure in my project below:

DataLayer (class library)

Concrete
EFDbContext

Entities (my entity classes except from ASP.NET Identity entities)

Identity
ApplicationGroupManager
ApplicationGroupStore
GroupStoreBase
IdentityConfig
IdentityModels


PresentationLayer (Web app)

App_Start

Controllers
AccountController
GroupsAdminController
ManageController
RolesAdminController
UsersAdminController

Community
  • 1
  • 1
Jack
  • 1
  • 21
  • 118
  • 236

1 Answers1

1

As long as you have asp.net identity, you will have to add reference to it in the presentation layer (web project) and the configuration will be kicked off from there.

If you moved it to the data access layer, then you put a security concern in the data access which is not right.

Normally, I just leave it in the web project and create my own user class and link it to the ApplicationUser class through its Id, but if you must seprate it, then you can put the IdentityConfig in a separate library that handles the cross cutting concerns like security, logging and exception handling as this layer will be working across all layers.

In the data access, you can have a custom user and role stores and put the configuration in the cross cutting library and link all of that in the presentation layer as this is the kickoff point for your web app.

The App_Start is justa normal folder that has the code that will be executed when the application starts, and you can put this code any where else, it is all called by the Global.asax file

Haitham Shaddad
  • 4,336
  • 2
  • 14
  • 19
  • >>> I am a little bit confused. Of course Security is the main concern, but; **1)** is it good idea to move all of the classes in the **DataLayer ** folder above to the **PresentationLayer**? **2)** What if moving IdentityModels to PresentationLayer also? **3)** If I move all of them to the PresentationLayer, I will have to access **EFDbContext** but I am not sure if it is a good practice. Is that ok? So, for overall, do you suggest to move all of the ASP.NET Identity related classes and models to the Presentation layer including IdentityModels class? – Jack Oct 16 '16 at 11:20
  • You will never be able to have a complete separation as long as you are using asp.net identity, the only solution to do that is to build your own identity system which is a lot to do, in my case, I always compromise, the effort that will be saved by keeping asp.net identity in the presentation layer with its own context is much higher than the separation – Haitham Shaddad Oct 16 '16 at 12:02
  • Ok, but I do not mentioned separation. Could you please have a look at my question above and reply one by one? I just asked some scenarios and wanted to be clarified if they are good idea or not. Thanks... – Jack Oct 16 '16 at 12:45
  • You asked 2 questions, if what you have done is good practice and I have replied to you in my answer and the conclusion is it will add more work and I see no benefit of doing that. The other part is what is the App_Start folder and I have already clarified what it is in my answer as well. – Haitham Shaddad Oct 16 '16 at 12:54