Q: login screen

[Guest]

Hello,

I am tiring to create a login screen for our partners through out internet.
I have two options to go but I do not know which one I should go.

I am planning to create a user per partner in our Active Directory and check
active directory once the click login.

Or should I create the users in SQL Server and keep their password in a
table (I do not know how? Can you explain?)

Thanks,

 

[bradley]

If you setup an account in Active Directory and the partners are using
Internet Explorer, then you can use Windows Authentication as the login
method.

 

[Buddy Ackerman]

Unless there is some other reason to use the Active Directory I probably
wouldn't use it solely for authentication. Assuming that your application
is hitting a database already I'd say that that's probably the best way
authenticate users. However, if you want to use integrated security and
impersonation, then you should use AD.

 

[Guest]

Hi Buddy,

Which one is best, AD or SQL users?
When you say hiding database: we will put our application into another
machine and database will be in another machine, will this be enough hiding?
Thanks,

 

[Buddy Ackerman]

As long as the database is not on an external network (i.e. behind a
firewall that only the webserver can access) that's fine.