Help With Security Please

Discussion in 'ASP .Net Security' started by kirby.matt@gmail.com, Nov 27, 2005.

  1. Guest

    Hello, I am in the design stages of an ASP.NET application for my
    company, and I am wondering how I shoudl handle security. Even though
    this application is going to be internal and only 2-3 users, who will
    rarely change, they still insist on making it a web application. My
    first inclination is to use the Web.config and use Authorization to
    authorize the 3 users and deny everyone else. A couple of other apps
    here connect to Active Directory and authenticate the users that way,
    but I feel like that would be overkill and one more connection to
    maintain. There is also the possibilty of having a SQL table. There
    will be no login page, so any kind of authentication will be based on
    the users Windows user id. Any thoughts? Thanks.
    , Nov 27, 2005
    #1
    1. Advertising

  2. Paul Gielens Guest

    Windows authentication suit your needs. Windows authentication uses the
    security features integrated in your operating system/corporate network user
    names, passwords andpermissions to authenticate and authorize web
    application users.

    <autorisation>
    <deny users="?">
    <autorisation>

    Best regards,
    Paul Gielens

    Visit my blog @ http://weblogs.asp.net/pgielens/
    ###


    <> wrote in message
    news:...
    > Hello, I am in the design stages of an ASP.NET application for my
    > company, and I am wondering how I shoudl handle security. Even though
    > this application is going to be internal and only 2-3 users, who will
    > rarely change, they still insist on making it a web application. My
    > first inclination is to use the Web.config and use Authorization to
    > authorize the 3 users and deny everyone else. A couple of other apps
    > here connect to Active Directory and authenticate the users that way,
    > but I feel like that would be overkill and one more connection to
    > maintain. There is also the possibilty of having a SQL table. There
    > will be no login page, so any kind of authentication will be based on
    > the users Windows user id. Any thoughts? Thanks.
    >
    >
    Paul Gielens, Nov 27, 2005
    #2
    1. Advertising

  3. Rahul Soni Guest

    Please have a look at this link...

    http://msdn.microsoft.com/library/d...-us/cpguide/html/cpconaspnetauthorization.asp

    HTH
    --
    Thanks,
    Rahul Soni

    --->The secret to creativity is knowing how to hide your sources<---



    "Paul Gielens" wrote:

    >
    > Windows authentication suit your needs. Windows authentication uses the
    > security features integrated in your operating system/corporate network user
    > names, passwords andpermissions to authenticate and authorize web
    > application users.
    >
    > <autorisation>
    > <deny users="?">
    > <autorisation>
    >
    > Best regards,
    > Paul Gielens
    >
    > Visit my blog @ http://weblogs.asp.net/pgielens/
    > ###
    >
    >
    > <> wrote in message
    > news:...
    > > Hello, I am in the design stages of an ASP.NET application for my
    > > company, and I am wondering how I shoudl handle security. Even though
    > > this application is going to be internal and only 2-3 users, who will
    > > rarely change, they still insist on making it a web application. My
    > > first inclination is to use the Web.config and use Authorization to
    > > authorize the 3 users and deny everyone else. A couple of other apps
    > > here connect to Active Directory and authenticate the users that way,
    > > but I feel like that would be overkill and one more connection to
    > > maintain. There is also the possibilty of having a SQL table. There
    > > will be no login page, so any kind of authentication will be based on
    > > the users Windows user id. Any thoughts? Thanks.
    > >
    > >

    >
    >
    >
    >
    Rahul Soni, Nov 30, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    2
    Views:
    1,607
    John C. Bollinger
    Dec 23, 2004
  2. Replies:
    4
    Views:
    492
    Chris Uppal
    May 5, 2005
  3. KK
    Replies:
    2
    Views:
    528
    Big Brian
    Oct 14, 2003
  4. MuZZy
    Replies:
    7
    Views:
    1,723
    Mike Hewson
    Jan 7, 2005
  5. mera
    Replies:
    7
    Views:
    1,081
Loading...

Share This Page