Best way to deploy authentication on web services

Discussion in 'ASP .Net Web Services' started by Rob Heckart, Dec 27, 2004.

  1. Rob Heckart

    Rob Heckart Guest

    Hi,

    I'm building a distributed app that will be accessible to both domain
    authenticated and forms-based authenticated users. I'm planning to have one
    web server that holds the client app with 2 virtual directories. The
    internal VD will have Windows Int. Auth. turned on. The other external one
    will be accessed through a port forwarding situation through the firewall
    with anonymous access checked, but users will have to enter a
    username/password on a webform to access functions. In some cases the user
    will be an internal user that's travelling and needs to get the same
    functionality that they have on the intranet. In other cases, the user will
    not exist in the Active Directory schema and will instead have credentials
    stored in a SQL table or something. What I'm hoping to do is to take the
    forms based info and bounce it off the Active Directory Server to see if
    they're ok. If not, it'll then check an database table to see if they're ok.

    The big question is: Is it possible to have one authentication scheme on the
    "gatekeeper" web service that accepts either domain or forms credentials and
    returns some sort of standard key/certificate/ticket/whatever it's called
    that can then be stored in the user's session or cookie or something and
    passed back to the web service to future calls? What's the best way to
    accomplish this while maintaining best practices in an SOA situation where
    there may be non-.NET resources accessing the web service? I'm also trying
    to find the most secure solution so that hackers cannot steal someone else's
    credentials.

    I'm trying not to have to write two separate versions of both the web app
    and the web service. Any help would be greatly appreciated!

    Rob
    Rob Heckart, Dec 27, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?RWQgQ2hpdQ==?=

    Best way to deploy a propject

    =?Utf-8?B?RWQgQ2hpdQ==?=, Dec 7, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    297
    =?Utf-8?B?RWQgQ2hpdQ==?=
    Dec 7, 2004
  2. =?Utf-8?B?cG11ZA==?=

    Best way to Deploy an ASP.NET project

    =?Utf-8?B?cG11ZA==?=, Jan 3, 2005, in forum: ASP .Net
    Replies:
    2
    Views:
    528
    Jeff Louie
    Jan 4, 2005
  3. Replies:
    1
    Views:
    460
    MasterGaurav
    May 26, 2005
  4. Bobby Edward
    Replies:
    7
    Views:
    377
    Bobby Edward
    Feb 22, 2008
  5. GaryDean

    Deploy won't deploy Masterpage.master

    GaryDean, Apr 14, 2009, in forum: ASP .Net
    Replies:
    1
    Views:
    401
Loading...

Share This Page