Re: authentication Mode

From: Sue Hoegemeier <Sue_H@xxxxxxxxxxxxx>
Date: Sun, 24 Sep 2006 18:57:25 -0600

That's hard to say as this line doesn't make sense:
"Second, the app must be available to someone that does not
have a windows login, eg a field worker that needs to
access the app occasionially using a machine running under
a different users login"

So what login is the "different users login" - but the user
doesn't have a login?
It really depends on what login is being used, if the field
work is accessing a machine in a domain, if it's multiple
domains, depends on trusts that may or may not be setup,
etc.
In terms of the other issue, Machines and logins are two
different things. If I have my windows login setup for
access to a SQL Server box in my domain, it doesn't matter
what machine I use. If I login into the network, that's the
credentials that are used no matter what machine I may be
logged into.
If users are logging into the domain with all different
logins, accessing network resources with various logins then
you have a security mess at the network level which will
lead to security messes in SQL Server as well when
implementing Windows authentication.

-Sue

On Fri, 22 Sep 2006 10:17:01 -0700, JB
<JB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

I am developing a client/server application using sql server as the back end.
This app must allow for two login scenarios other than the usual one
user/one workstation. First, the app must allow users to log in from any
machine on the network even when using a machine running under a different
users login. Second, the app must be available to someone that does not have
a windows login, eg a field worker that needs to access the app occasionially
using a machine running under a different users login. For these reasons, I
have been using mixed mode authentication which does the job. Since all the
documentation seems to recommend Windows authentication mode and mixed mode
is for backward compability, am I missing something here? Can I handle the
two scenarios, particularly the second using Windows Authentication?

JB

Prev by Date: Re: Windows Services Groups
Next by Date: Re: Windows Services Groups
Previous by thread: Re: authentication Mode
Next by thread: Re: Windows Services Groups
Index(es):
- Date
- Thread

Relevant Pages

Authentication Sharing Across Apps
... For my part "B" question that I had (Login App was not returning ... authentication to calling app), I found the solution. ... Basically, in both the Login App and Calling App Web.Config, I did ... authenticated connection with SQL server. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: QuickLaunch disappears
... I checked the login registery and I am pointing to the corrrect .exe. ... started and App, it crashed and sent a dump to Microsoft (this ... Documents and Settings I see "Lori Csontos" along with a "Lori". ...
(microsoft.public.windowsxp.general)
Re: Session object timout
... > specifying your OS and IIS level, but the phenomenon may be caused by the ... > app is running in. ... >> users must go through a login page. ... >> recreating the session object which holds the class I mentioned above. ...
(microsoft.public.dotnet.framework.aspnet)
Re: Permit only one network logon per user
... You app is controlling its listener and allowing/disallowing the ... allow a second connection to it using the same creds. ... multiple simultaneous logons with the same username and password ... If user username try to login from a different machine, ...
(microsoft.public.windows.server.security)
Re: Session object timout
... Aside from the fact that I kind of like an application timing out for security ... setting of the Application Pool that your ASP.NET app is running in. ... Application pool was introduced in Windows 2003 with IIS 6.0, ... > users must go through a login page. ...
(microsoft.public.dotnet.framework.aspnet)