Multiple membership providers in ASP.NET (web.config + sql)

I know this question is asked (and answered) a lot already, but I believe my situation is unique.

We are using the ASP.NET Sq开发者_如何转开发lMembershipProvider. However, we also have some less-secure content we would like to secure by adding users directly to the web.config, like so...

<forms loginUrl="login.aspx" defaultUrl="default.aspx">
  <credentials passwordFormat="Clear">
    <user name="user1" password="123" />
    <user name="user2" password="456" />
  </credentials>
</forms>

Is it possible to use this method alongside a SQL Membership Provider? If so, how?

I know it's bad practice to do this. This is only a stepping stone as we move parts of our website into the asp.net application. We would like some of those password to be easily editable without going to the database.

---

We would like some of those password to be easily editable without going to the database.

What is that logic I don't understand. Why you need two of them while you have built-in feature to change password easily in membership provider.

Now, you can use both at a time but you will need mechanism to decide when you use what or you will have to to two times authentication i.e. first validate user against web.config and if it fails then validate against membership DB.

But if you have other stuff depending on Membership explicitly, then some of those things won't work on your site.

So authentication, yes it is doable as you want.

---

I found my answer here: ASP.NET - Login Control with Credentials in web.config file

For my ValidateUser logic, I needed to use:

if (_provider.ValidateUser(username, password)) {
  return true;
}
else {
  return FormsAuthentication.Authenticate(username, password);
}

I knew how to authenticate using a provider, but the key was the ELSE clause, and authenticating using the web.config credentials.