Re: Web Services and Access Control
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 05/05/05
- Next message: Joe Kaplan \(MVP - ADSI\): "Re: sspi in c#"
- Previous message: Grant: ".NET Server Authentication"
- In reply to: Francesco: "Re: Web Services and Access Control"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 05 May 2005 09:55:27 -0700
Hello Francesco,
what kind of users do you have? corporate / external - do the all have domain
accounts, by chance?
Or do you have a user database?
the story for remoting and web services is quite different. do you use both?
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
> Yes, I was thinking about insiders too, however the concept is the
> same.
>
> We still haven't deployed anything, but I think we can safely suppose
> that our web services are hosted in IIS and that we have a component
> which manages authentication (I wouldn't use Windows accounts). Once a
> user is authenticated, I guess the problem is passing the info to the
> other components, which takes us back to passing a "security token"
> parameter to all methods. Or maybe a cookie. Am I missing something
> here?
>
> Thank you.
>
- Next message: Joe Kaplan \(MVP - ADSI\): "Re: sspi in c#"
- Previous message: Grant: ".NET Server Authentication"
- In reply to: Francesco: "Re: Web Services and Access Control"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
