WCF Security Question

Discussion in 'ASP .Net Security' started by Robert May, Mar 14, 2007.

  1. Robert May

    Robert May Guest

    We have the following structure:

    Windows (probably vista)
    WPF
    Service Layer
    WCF in IIS
    Service Layer
    Business Objects
    Domain Model
    Database

    We need to use the WindowsIdentity from the user logged on to the windows
    machine all the way through to the database. We'd like to make sure that
    they have single sign-on (i.e. they log onto windows and that's it). With
    Windows Authentication, I think that's going to be pretty easy to do, since
    WCF and IIS support it natively.

    However, we have to also support Novell NDS (EDirectory).

    1. Can we use WindowsIdentity for this?
    2. Does anything in IIS and WCF help us here.
    3. Are we going to have to do an LDAP query and is the user going to have
    to supply username and password credentials when the app opens for non-AD
    security providers?

    Any help here would be greatly appreciated.

    Robert
    Robert May, Mar 14, 2007
    #1
    1. Advertising

  2. Hi,

    i have no clue about Edirectory - but Kerberos will allow you to propagate
    the credentials over exactly 2 hops

    Client
    |
    Service
    |
    Database

    That means you need a Domain and Keberos/Delegation configured correctly.

    -----
    Dominick Baier (http://www.leastprivilege.com)

    Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

    > We have the following structure:
    >
    > Windows (probably vista)
    > WPF
    > Service Layer
    > WCF in IIS
    > Service Layer
    > Business Objects
    > Domain Model
    > Database
    > We need to use the WindowsIdentity from the user logged on to the
    > windows machine all the way through to the database. We'd like to
    > make sure that they have single sign-on (i.e. they log onto windows
    > and that's it). With Windows Authentication, I think that's going to
    > be pretty easy to do, since WCF and IIS support it natively.
    >
    > However, we have to also support Novell NDS (EDirectory).
    >
    > 1. Can we use WindowsIdentity for this?
    > 2. Does anything in IIS and WCF help us here.
    > 3. Are we going to have to do an LDAP query and is the user going to
    > have
    > to supply username and password credentials when the app opens for
    > non-AD
    > security providers?
    > Any help here would be greatly appreciated.
    >
    > Robert
    >
    Dominick Baier, Mar 14, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Simon
    Replies:
    0
    Views:
    1,010
    Simon
    Oct 13, 2009
  2. Cindy Lee
    Replies:
    1
    Views:
    2,109
    Mr. Arnold
    Mar 19, 2010
  3. Rafia Tapia

    WCF Security Issue

    Rafia Tapia, May 9, 2009, in forum: ASP .Net Security
    Replies:
    1
    Views:
    797
    Steven Cheng
    May 11, 2009
  4. Sarasam

    how to implement WCF Security using custom token

    Sarasam, Apr 18, 2008, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    258
    Sarasam
    Apr 18, 2008
  5. dgator

    WCF security question

    dgator, May 12, 2008, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    113
    dgator
    May 12, 2008
Loading...

Share This Page