We have an asp.net site (C#, IIS7) with a SQL Server back end, and we use standard asp.net login controls to authenticate users of the site. We’re building a WordPress site for our content pages, and need to limit access to some of these WP pages based on various criteria in our SQL Server database. Ideally, someone visiting a protected WP page would be directed to the asp.net login page and after logging in, would be authorized access to the WP page based on some custom criteria like their membership is current, or they are an active member of a certain committee (info you get by querying the database). We’ll need to be able to limit access to various WP pages based on a wide range of criteria, basically anything about our users, so it would be nice to just have to write a new stored procedure for each new set of criteria and somehow reference that when checking for authorization. Both the asp.net pages and WordPress pages are within the same domain.
Any suggestions on the best way to implement this?