Re: Multiple App Authentication



Suggest you read up on Active Directory and Kerberos security.

Assuming this is on an office Windows network, it's likely that the
users have Active Directory Windows accounts and that there is a
network domain already set up, where all the various servers that the
apps run on belong to a common domain.

If this is so, you can use Windows credentials in your apps to
authenticate users. Credentials are established by the user when they
log onto Windows and are maintained in the form of tokens.

If your apps run in IIS, you can set the security for the app's
website to require Windows authenticated integration on its advanced
directory security tab from the properties menu entry when you right
click a website. Users will have to provide their Windows login ID
and password if they are accessing the site externally before it will
run. Otherwise, if they are already logged into the network domain,
IIS will not prompt for credentials and will instead use the
authorization token given to them to identify them.

You can also have programs perform the login on behalf of the user to
a particular app by something similar to:

App.Credentials = System.Net.CredentialCache.DefaultCredentials

Active Directory only verifies the identity of the user; it's still the
responsibility of your app to decide what to do with the user once
they are verified to be who they claim to be. Active Directory users
are usually assigned to arbitrary Active Directory groups you create.
Your app can check if an identified user belongs to a particular group
of Active Directory users to determine what permissions the user has.

The advantage of using Active Directory as opposed to building your own
security system is that security is centralized - you can add or
remove a user to the network, your apps, Microsoft applications, and
the internet in a single place with a single command, all at the same
time. The Active Directory API is not complex, and requires far less
code to use than building and maintaining a separate custom security
database.
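
Added example, not part of the original post: a C# sketch of the group check described above, mapping Active Directory groups to application permissions with deny-by-default. The EXAMPLE domain, the group names and the AppPermission type are assumptions made up for illustration; it uses the current process user where an IIS-hosted app would use the identity of the request.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;

// Application permissions (hypothetical names for this example).
[Flags]
enum AppPermission { None = 0, Read = 1, Write = 2, Admin = 4 }

static class GroupAuthorization
{
    // Hypothetical AD groups mapped to what each one may do in the app.
    static readonly Dictionary<string, AppPermission> GroupMap =
        new Dictionary<string, AppPermission>
        {
            { @"EXAMPLE\App-Readers", AppPermission.Read },
            { @"EXAMPLE\App-Editors", AppPermission.Read | AppPermission.Write },
            { @"EXAMPLE\App-Admins", AppPermission.Read | AppPermission.Write | AppPermission.Admin },
        };

    // Union of the permissions granted by every mapped group the user is in.
    public static AppPermission PermissionsFor(WindowsIdentity identity)
    {
        // Deny by default: no identity, or an unauthenticated, anonymous
        // or guest token, gets no permissions at all.
        if (identity == null || !identity.IsAuthenticated
            || identity.IsAnonymous || identity.IsGuest)
            return AppPermission.None;

        var principal = new WindowsPrincipal(identity);
        var granted = AppPermission.None;
        foreach (var entry in GroupMap)
        {
            // IsInRole resolves the group name and tests it against the
            // groups in the user's token; unknown groups yield false.
            if (principal.IsInRole(entry.Key))
                granted |= entry.Value;
        }
        return granted;
    }
}

static class Program
{
    static void Main()
    {
        // Stand-in for the request identity: the current process user.
        using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
        {
            AppPermission p = GroupAuthorization.PermissionsFor(identity);
            Console.WriteLine("{0}: {1}", identity.Name, p);
        }
    }
}
```

Because the check reads the groups in the logon token, a change to a user's group membership takes effect at their next logon.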




