Security model guidelines - Server-centric implementation - Win2K3 - dotNet

Discussion in 'ASP .Net Security' started by Bert Nieves, Nov 10, 2003.

  1. Bert Nieves

    Bert Nieves Guest

    Greetings,

    a) Server environment : Windows 2003 Standard
    b) Database: SQL Server 2000
    c) Development: Combination of VB6 COM+ , ASP.NET, and VB.NET.

    Looking at potential tracks for an implementation of a server-centric
    security model for an n-tier, intranet based system. All business logic and
    business-related workflows will reside on the server with several different
    UIs accessing (.NET forms, ASP.NET, VB6 forms). Security requirements are
    pretty solid with an emphasis on role-based security mechanisms and a "more
    granular" set of data filtering (views). I'm looking at the following
    tracks for the implementation of the Role-based portion of this security
    model ...

    1) COM+ Role based implementation
    2) Win2K3 Authorization Manager based role implementation
    3) Custom .NET coding using the System.Security.Permissions namespace

    Can anyone recommend and/or relate their experiences in choosing any 1 of
    the above 3 choices for user-authentication and authorization. I'm most
    familiar and experienced with COM+ Roles. I would really appreciate some
    MVPs chiming in :)

    Thanx in advance.

    Bert Nieves
     
    Bert Nieves, Nov 10, 2003
    #1
    1. Advertising

  2. In the current implementation of Azman, you can only store user role
    assignments either in XML file or AD.
    In the upcoming Whidbey relase, Azman will also provide SQL based stored
    (this is what I understood in the recent PDC)
    Has clear migration story. You do not need to write any code by yourself,
    it's all out of the box.
    Azman comes up with very good role assignment concepts like APPLICATION,
    SCOPE, OPERATIONS...

    Custom .NET coding using the System.Security.Permissions namespace is also a
    good approach if you have resources, time and willing to do all by yourself.
    ASP.NET 2.0 Whidbey relase will make this process easy, you need to provide
    implementation for couple interfaces (IRoleProvider...I do not remember
    correct name) and register your assembly in the configuration file.


    "Bert Nieves" <> wrote in message
    news:...
    > Greetings,
    >
    > a) Server environment : Windows 2003 Standard
    > b) Database: SQL Server 2000
    > c) Development: Combination of VB6 COM+ , ASP.NET, and VB.NET.
    >
    > Looking at potential tracks for an implementation of a server-centric
    > security model for an n-tier, intranet based system. All business logic

    and
    > business-related workflows will reside on the server with several

    different
    > UIs accessing (.NET forms, ASP.NET, VB6 forms). Security requirements are
    > pretty solid with an emphasis on role-based security mechanisms and a

    "more
    > granular" set of data filtering (views). I'm looking at the following
    > tracks for the implementation of the Role-based portion of this security
    > model ...
    >
    > 1) COM+ Role based implementation
    > 2) Win2K3 Authorization Manager based role implementation
    > 3) Custom .NET coding using the System.Security.Permissions namespace
    >
    > Can anyone recommend and/or relate their experiences in choosing any 1 of
    > the above 3 choices for user-authentication and authorization. I'm most
    > familiar and experienced with COM+ Roles. I would really appreciate some
    > MVPs chiming in :)
    >
    > Thanx in advance.
    >
    > Bert Nieves
    >
    >
    >
     
    Ram Sunkara [msft], Nov 10, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Charles A. Lackman
    Replies:
    1
    Views:
    1,439
    smith
    Dec 8, 2004
  2. Eidolon
    Replies:
    4
    Views:
    582
    Ken Cox [Microsoft MVP]
    May 12, 2004
  3. =?Utf-8?B?TmlyYmhv?=

    Win2k3, IIS6, ASP.Net - Server Application Unavailable

    =?Utf-8?B?TmlyYmhv?=, May 10, 2005, in forum: ASP .Net
    Replies:
    4
    Views:
    2,884
    Juan T. Llibre
    May 10, 2005
  4. Chuck
    Replies:
    3
    Views:
    534
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
    Feb 8, 2007
  5. Ilias Lazaridis

    Model Centric Perl Web Framework

    Ilias Lazaridis, Oct 29, 2011, in forum: Perl Misc
    Replies:
    7
    Views:
    352
    Ilias Lazaridis
    Dec 4, 2011
Loading...

Share This Page