MemberProtect Modules In A Nutshell?
Application
Supports application level information such as application functions and configuration settings.
Configuration information that exists outside of the organization level
information is generally considered to be 'global' MemberProtect settings, this
module manages that kind of data.
User
A core module that contains all of the functionality surrounding MemberProtect
users, such as the creation, editing and deletion of users as well as many
supporting methods use to manage user information in general regarding security,
passwords, encryption, etc. This is the most commonly used MemberProtect module.
No MemberProtect installation would do much of anything without at least one
user.
Organization
The organization module is the secod most use module in MemberProtect. It
provides all the functionality that has to do with the creation and management
of organizations which are the root container element within MemberProtect. The
provide a strict border with regards to different sets of users and other data
within a system. In some cases organizations will be required with an
application and in other very small applications they won't be required at all.
RiskBasedAuthentication
The risk based authentication module provides functionalty for more advanced
authentication needs such as custom defined user question/answer information, IP
address restrictions, computer/browser agent history trackin, security images
and phrases, etc. In certain applications these advanced authentication
techniques will be absolutely required, particularily in highly sensitive
financial applications and the like. In other, smaller or less security focused
applications, this module will most likely not be required.
Security (Roles & Privileges)
The security module provides access to methods that help developers wrap
MemberProtect concepts of roles and privileges around different pieces of
application functionality. This can be as granular or general as is required by
the individual application and in many smaller applications will not be required
at all. However through the use of defining custom role and privilege
information, different levels of security access can be created and applied to
existing users to control what parts of an application various users are allowed
to access. How this information is used is ultimately up to the developer and
therefore is very flexible to the needs of the individual application.
Authentication
The authentication module provides basic functionality for the most simplest
forms of authentication, a username and password. However just because it is
simple does not make it less secure. This module also provides support for
temporary password use as well as the ability to flag when a user account fails
authentication in some way defined by the developer. You can then choose to lock
the user out after too many failed attempts. As usual, MemberProtect provides
the functionality, but is flexible enough to be implemented the way the
developer sees fit.
Crypt
The cryptography modules provides support for encryption, decryption using a key
you define as well as hashing. MemberProtect internally uses these functions to
handled the autmoatically encrypted and hashed information as well.
CurrentUser
The CurrentUser module is a small wrapper around some of the more commonly used
functions in the User module. However it also contains the Login() method
through which a user is physically logged into the MemberProtect system. From
that point forward, accessing the CurrentUser module means the developer is
actually accessing the currently logged in user. Many of the methods in this
module require less supporting information because internally MemberProtect
knows which user its acting upon, making the developers life a little easier.
DataAccess
The DataAccess module gives the developer quick access to the database for any
reason that might be required. It supports running basic SQL statements as well
as more advanced support for executing SQL functions and stored procedures and
works seamlessly with data-bound controls.
Email
The email module provides simple support for configuration SMTP email information
and sending out emails from within MemberProtect, making sending out emails very
simple right out of the box.
Log
Currently the Log module is an internal only MemberProtect module meaning there
isn't any public access to it, however its important developers are aware of it
because every function they call in any other module is automatically logged to
the internal log table regardless of success or failure. More importantly when a
method fails for some reason, the log can be checked to get an idea what went
wrong. The log also serves as a strong audit report of how MemberProtect is
being used as it tracks most information by the user being acted upon and
includes the date/time an operation was attempted.
Maintenance
The maintenance module deals with more internal task oriented functionality, for
example it supports to archiving and purging of the MemberProtect log table.
These particular task methods integrate really well with the MemberProtect
dashboard service for automating periodic maintenance tasks.
Utility
The utility module is a MemberProtect developer's special toolbox of time saving
functionality. Currently it supports the validation and formatting of many
common types of data (such as integer, decimal, GUID information) as well as
some additional methods for string manipulation not inherently available to
.NET. Additionaly some 'boolean to string' and vice-versa are available for
easily handling boolean values in string form. In the future based upon user
feedback we hope to expand the functionality in this module to better support
the MemberProtect developer.