COM+ and Security for building Internet apps.

Thu, 26 Jun 2003 09:36:33 -0700 

-----------------------------------------------------------

New Message on BDOTNET

-----------------------------------------------------------
From: DotnetDada
Message 1 in Discussion

Hi Folks,
   Nice to be on this group after a brief 'exile'.Well,it's about Security and COM+ 
that's puzzled me for some time now.It goes like this:   Business case:
A Bank XYZ wishes to allow it's customers to perform Internet banking.Based on the 
profile and the business it's customer provides,XYZ allocates 
Roles(Ex.Premium,Classic,Ordinary) to it's customers.The UserNames and Roles are 
maintained by the Administrator from the Admin console of the Application.Now,when an 
user logs into the Bank's Web site,the application should display a customised 
interface based on the role of the customer.   Technical solution:
Dotnet is suggested for solving this business case as the built-in feature of COM+ 
like Role-based security can be used to authenticate users based on the roles.Being 
Web-based,Security can also be implemented by using Windows/Forms Authentication.   
Now,the issue is:
1)Since COM+ features are closely integrated with Windows environment,Can Role based 
security be used for authenticating Roles of Internet users,as stated in the business 
case.   2)If the application were to be accessed both from the Corporate network and 
Internet,what would be the ideal mode of authentication(Forms/Windows).This is quite 
tricky as the normal practise is as follows: 
Intranet and VLAN's - Windows Authentication 
Internet - Forms Authentication    Hope the issues are clear.Over to the COM+ Punters 
(Mahesh/Gaurav) :-)   Cheers,
Arun   
      

-----------------------------------------------------------

To stop getting this e-mail, or change how often it arrives, go to your E-mail 
Settings.
http://groups.msn.com/bdotnet/_emailsettings.msnw

Need help? If you've forgotten your password, please go to Passport Member Services.
http://groups.msn.com/_passportredir.msnw?ppmprop=help

For other questions or feedback, go to our Contact Us page.
http://groups.msn.com/contact

If you do not want to receive future e-mail from this MSN group, or if you received 
this message by mistake, please click the "Remove" link below. On the pre-addressed 
e-mail message that opens, simply click "Send". Your e-mail address will be deleted 
from this group's mailing list.
mailto:[EMAIL PROTECTED]

Reply via email to