Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > authentication/login scheme

Reply
Thread Tools

authentication/login scheme

 
 
Kevin
Guest
Posts: n/a
 
      12-08-2003
I am a developer, not an administrator and want to ask
you guys for advice on designing a login/authentication
scheme for a new .Net C# product.

-The product will run on customers' intranets. (The
website may be accessed remotely but we are not ruling
out forcing them to go through a VPN.)
-The logins will come from a database not from Windows
accounts.
-We would rather not pay to subscribe to a third party
service (this is my assumption about Passport and some of
the certificate methods).
-We would rather not force the user to deploy a
certificate on each client machine that might try to
access the web site. (We are looking for a highly
automated install that will require as little from the
customer as possible.)
- The authentication scheme used should affect this web
site only and not all of our customers' sites.
- We need to keep the information secure including the
login credentials that are compared against the database.

I know that I have various methods at my disposal: Forms
Authentication, various IIS Windows Authentication
methods and ISAPI filter DLLs. Although I have a general
understanding of each option, I don't yet know enough to
make thorough comparisons between the methods based on
our requirements. Any advice you guys could give will be
appreciated.
 
Reply With Quote
 
 
 
 
G. Gnana Arun Ganesh
Guest
Posts: n/a
 
      12-09-2003
Hai Kevin,

Intranet Web application : Windows authentication

Private corporate Web application: Windows authentication

Commercial Web application: Forms authentication

Multiple commercial Web applications: Passport
authentication.

Better option: windows authentication + Active Directory
Windows authentication using Kerberos, an authentication
protocol that is an integral component of Windows Active
Directory. Kerberos is designed to provide authentication
using secret key cryptography.

You may also forms authentication with storing encrypted
ids in the database.

Warm regards,
Arun Ganesh.
Microsoft .NET MVP.

>-----Original Message-----
>I am a developer, not an administrator and want to ask
>you guys for advice on designing a login/authentication
>scheme for a new .Net C# product.
>
>-The product will run on customers' intranets. (The
>website may be accessed remotely but we are not ruling
>out forcing them to go through a VPN.)
>-The logins will come from a database not from Windows
>accounts.
>-We would rather not pay to subscribe to a third party
>service (this is my assumption about Passport and some

of
>the certificate methods).
>-We would rather not force the user to deploy a
>certificate on each client machine that might try to
>access the web site. (We are looking for a highly
>automated install that will require as little from the
>customer as possible.)
>- The authentication scheme used should affect this web
>site only and not all of our customers' sites.
>- We need to keep the information secure including the
>login credentials that are compared against the database.
>
>I know that I have various methods at my disposal: Forms
>Authentication, various IIS Windows Authentication
>methods and ISAPI filter DLLs. Although I have a

general
>understanding of each option, I don't yet know enough to
>make thorough comparisons between the methods based on
>our requirements. Any advice you guys could give will

be
>appreciated.
>.
>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Do we use the classful address scheme yet? minseokoh@hanafos.com Cisco 2 11-18-2005 02:43 PM
fast universal compression scheme and its implementation in VHDL Jens Mander VHDL 2 09-01-2005 10:08 PM
fast universal compression scheme and its implementation in VHDL Jens Mander VHDL 0 06-10-2005 06:28 AM
IP Address Scheme for Multiple DMZs on Multiple PIXs Scotchy Cisco 2 10-07-2004 03:35 PM
501 Protocol scheme 'file' is not supported Joachim Smit Perl 2 04-23-2004 07:37 AM



Advertisments