Windows Authetication vs seperate process

I

imageguy1206

I was wondering of someone could steer me in the right direction.

We have a package that we would like to "secure" so that only specific
individuals can access specific portions of the application. Our
wxPython application will revolve around updating a central database
with information submitted from the app. We will eventually have a web
front end fo rsome aspects of the app.

With several packages I have seen options to "Use Windows
Authentication", which seems to mean that "If the user has
authenticated and signed onto Windows, then our application will use
their windows userid and we will just focus on the the tasks within our
application the user is authorized to perform"

Does anyone have any experience using this type of authentication
scheme ?

Any related tips or suggestions ?

I have found a few wikipedia entries, but they seem to be more related
to webpages, etc.

Thanks.
 
G

Gabriel Genellina

At said:
With several packages I have seen options to "Use Windows
Authentication", which seems to mean that "If the user has
authenticated and signed onto Windows, then our application will use
their windows userid and we will just focus on the the tasks within our
application the user is authorized to perform"

Search for SSPI. But it may be a bit tricky to get running.


--
Gabriel Genellina
Softlab SRL

__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam ¡gratis!
¡Abrí tu cuenta ya! - http://correo.yahoo.com.ar
 
J

Jonathan Curran

I was wondering of someone could steer me in the right direction.

We have a package that we would like to "secure" so that only specific
individuals can access specific portions of the application. Our
wxPython application will revolve around updating a central database
with information submitted from the app. We will eventually have a web
front end fo rsome aspects of the app.

With several packages I have seen options to "Use Windows
Authentication", which seems to mean that "If the user has
authenticated and signed onto Windows, then our application will use
their windows userid and we will just focus on the the tasks within our
application the user is authorized to perform"

Does anyone have any experience using this type of authentication
scheme ?

Any related tips or suggestions ?

I have found a few wikipedia entries, but they seem to be more related
to webpages, etc.

Thanks.

Using windows authentication IMHO should only be used if there is an Active
Directory/LDAP server set up against which the users are authenticated. I
googled for 'active directory python' and came across
http://tgolden.sc.sabren.com/python/ad_cookbook.html It seems to be very
simple to use.

If I were to implement an authentication system like you want. I would:
1. Check to see if the local machine was part of a domain. If not then inform
the user that they need to be.
2. Check to see if the user who ran the application is part of a specific
group in AD.

I would assign each group a certain 'level' of privilege and accordingly let
the user do what they should be able to do.

I hope this is a good starting point.

- Jonathan Curran
 
R

Roger Upole

I was wondering of someone could steer me in the right direction.

We have a package that we would like to "secure" so that only specific
individuals can access specific portions of the application. Our
wxPython application will revolve around updating a central database
with information submitted from the app. We will eventually have a web
front end fo rsome aspects of the app.

With several packages I have seen options to "Use Windows
Authentication", which seems to mean that "If the user has
authenticated and signed onto Windows, then our application will use
their windows userid and we will just focus on the the tasks within our
application the user is authorized to perform"

Does anyone have any experience using this type of authentication
scheme ?

Any related tips or suggestions ?

I have found a few wikipedia entries, but they seem to be more related
to webpages, etc.

Thanks.

The pywin32 package includes the functions needed to do this type of
authentication. See \win32\Demos\security\sspi for some examples that
work out of the box with NTLM.

Roger
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top