Re: Authorization Manager (AzMan) and non-Windows users
From: A Mackie (andrew_at_mackie14.freeserve.co.uk)
Date: 03/29/05
- Next message: cleb1: "Need reasons to not rename administrators account"
- Previous message: Edward Meyer: "Re: Group Policy Errors 1030 and 1058"
- In reply to: Roger Abell: "Re: Authorization Manager (AzMan) and non-Windows users"
- Next in thread: Roger Abell: "Re: Authorization Manager (AzMan) and non-Windows users"
- Reply: Roger Abell: "Re: Authorization Manager (AzMan) and non-Windows users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Mar 2005 07:22:43 -0800
Roger Abell wrote:
> Doesn't it depend on which schemas you have in use?
> AFAIK one can use applicatively defined (web app internal)
> identities, and have these grouped for role associations, which
> then lets them assume a Windows identity used for the role
> when needed to go to resources.
I'm not sure I fully understand your answer. Do you mean:
Web-application will maintain it's own user-id's/passwords in it's own DB.
A Windows id will be created to represent one or more web-app id's
(one Window's ID per category of web-users).
Windows id's can be assigned to roles using Azman GUI.
At runtime, web-application somehow maps web-app id to a windows-id (e.g.
certificate mapping ?), then makes call to azman's AccessCheck using
windows-id.
Does that sound about right ?
Thanks,
Andy Mackie.
- Next message: cleb1: "Need reasons to not rename administrators account"
- Previous message: Edward Meyer: "Re: Group Policy Errors 1030 and 1058"
- In reply to: Roger Abell: "Re: Authorization Manager (AzMan) and non-Windows users"
- Next in thread: Roger Abell: "Re: Authorization Manager (AzMan) and non-Windows users"
- Reply: Roger Abell: "Re: Authorization Manager (AzMan) and non-Windows users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
