Re: Use Roles with Forms auth ans SQL?

From: |{evin (You@dont.need)
Date: 02/16/03

Next message: Hodge: "PKCS Certificates"

Previous message: Mary Chipman: "Re: Use Roles with Forms auth ans SQL?"
In reply to: Mary Chipman: "Re: Use Roles with Forms auth ans SQL?"
Next in thread: Guogang: "Use Roles with Forms auth ans SQL?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "|{evin" <You@dont.need>
Date: Sun, 16 Feb 2003 20:07:33 GMT

On Sun, 16 Feb 2003 14:38:05 -0500, Mary Chipman <mchip@nomail.please>
wrote:

>A good resource for you would be the asp.net security best practices
>whitepaper, which you can download from
>http://www.microsoft.com/downloads/release.asp?ReleaseID=44047. It's
>not trivial to set up database authentication in a safe manner, so I
>don't think coffee alone is going to do it <g>.
>
>-- Mary
>MCW Technologies
>http://www.mcwtech.com
>

Woohoo, more reading! :) Thanks for the link, I probably won't get to
read it through until this evening though. The wife gets irritated
when I spend the weekend locked in the office.

As far as being completely safe, my understanding is that this won't
have to be completely bulletproof, more of a working demo first, then
internal use, and then allowing it to be accessed externally. One
thing I _do_ know, however is that the person who has asked me to do
this doesn't want to create computer accounts. So Windows
authentication gets tossed out right off the bat.... although. as I
type this I just had a thought.

What about creating an OU to hold these users and using policy to ONLY
allow them access to this web application? No log on locally, etc etc.
I'll have to think about it get back with the guy, this would still
allow for web administration as I know a bit about ADSI and have used
it to create user accounts with VB and scripting.... C# shouldn't be
that much more difficult.

Now my head hurts... again.. thanks for the link and if anyone else
has any more ideas... feel free to throw them at me.

Next message: Hodge: "PKCS Certificates"
Previous message: Mary Chipman: "Re: Use Roles with Forms auth ans SQL?"
In reply to: Mary Chipman: "Re: Use Roles with Forms auth ans SQL?"
Next in thread: Guogang: "Use Roles with Forms auth ans SQL?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: GPO Not Applied
... Group Policies apply only to User Accounts or Computer Accounts, ... please state what settings you are trying to ... > Please Help me for Applying GPO for Applying Users Profile to Applying All ...
(microsoft.public.windows.group_policy)
User GPO not applying unless linked to computers
... Windows 2003 native domain, Win2k and XP workstations. ... I have an OU which contains all computer accounts for the domain. ... another totally separate OU which contains user accounts. ... If I create a GPO containing only User settings and link it to the OU ...
(microsoft.public.win2000.group_policy)
RE: Outlook 2003 client install
... If you create the user accounts and computer accounts with the Small ... Business Server wizards and join the clients using the ... http://servername/connect computer the applications should get pushed out ...
(microsoft.public.windows.server.sbs)
RE: AD user Import
... If you are trying to export the user accounts and computer accounts to the ... the .csv format from AD, ... "Nextcert" wrote: ...
(microsoft.public.windows.server.active_directory)
Re: LDIFDE
... I have been very busy. ... > for the computer accounts as well as the user accounts. ... > Operating System, the Operating System Version and the Operating ...
(microsoft.public.win2000.active_directory)