> The scenario is actually fairly simple. An application where a given > company will run multiple copies. Each instance the app needs to login > to > the same account (could be a share, a web service, etc.). > > There are too many users to reasonably grant each individual access to > protected items. So, each app needs access to the password for the > account.
Actually, to me that sounds like it should be managed using Windows user groups. Create a single "FooApplicationGroup" group and appropriately secure the items against that. Then application users are simply added to that group if they should be running the app. Then even if the app is run by someone that shouldn't have access to the protected items, the app will not be able to gain access. If you used encryption, etc so the app could access these protected items, then if the wrong person got access to the app - they would be able to gain access to the protected items through the app. Chris =================================== This list is hosted by DevelopMentorĀ® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com
