Normal setup for Web page, web service, firewall secured database?
- From: "redwoodtwig@xxxxxxxxx" <redwoodtwig@xxxxxxxxx>
- Date: Mon, 12 May 2008 07:48:07 -0700 (PDT)
I think this is a fairly normal situation; outside the firewall are
two servers, one containing the various web applications that in this
case are .net, another containing web services, some of which the
public can access, some of which are locked into web applications on
the other server. The only path from outside the firewall where these
two servers are to inside where the database is through the web
services.
Is there any reason why impersonating user X to consume web services
would cause any problem if the webservice in turn is impersonating
user Y in it's call through the fire wall to get or set data?
I don't see any need to use windows authentication on the external web
server, so I don't think there will be a credential hop problem. In
one of the web applications, the aspnetdb method is being used, but
that would not be an authentication issue. Instead we'd just pass the
aspnetdb userid along with the request to the webservice and use the
internal webservice impersonation to decide what that userid means.
Am I missing anything critical here?
TIA,
.
- Prev by Date: Simon busted by Operation Sudden Fall
- Next by Date: Web site Administration Tool Error
- Previous by thread: Simon busted by Operation Sudden Fall
- Next by thread: Web site Administration Tool Error
- Index(es):
Relevant Pages
|
