Normal setup for Web page, web service, firewall secured database?



I think this is a fairly normal situation; outside the firewall are
two servers, one containing the various web applications that in this
case are .net, another containing web services, some of which the
public can access, some of which are locked into web applications on
the other server. The only path from outside the firewall where these
two servers are to inside where the database is through the web

Is there any reason why impersonating user X to consume web services
would cause any problem if the webservice in turn is impersonating
user Y in it's call through the fire wall to get or set data?

I don't see any need to use windows authentication on the external web
server, so I don't think there will be a credential hop problem. In
one of the web applications, the aspnetdb method is being used, but
that would not be an authentication issue. Instead we'd just pass the
aspnetdb userid along with the request to the webservice and use the
internal webservice impersonation to decide what that userid means.

Am I missing anything critical here?



Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question