I would suggest that your security should be at your Webserver level. For
example under IIS do not allow anonymous users. Force them to login using an
NT Username/domain.
You can put a extra layer of securiy into your Application logic, but
because you may have an Intranet which is a combination of htm, cfm etc, you
should not expect the Application server to deal with user security (other
than from restricting application functionality).
Adam
> ----------
> From: John Allred[SMTP:[EMAIL PROTECTED]]
> Sent: 18 September 2000 00:54
> To: [EMAIL PROTECTED]
> Subject: Re: Extranet's
>
> Rif,
>
> I'm not certain how you're using the term, "extranet." If you mean
> access by a limited number of people outside your firewall (not the
> whole world), then it's basically similar to your intranet with some
> extra security considerations.
>
> How much access you give the extranet users should probably depend on
> their relationship to your organization. What do you want them to know?
> What do you want them to be able to do?
>
> I'd recommend putting your extranet users in the same table with your
> employees. An extra column could differentiate between the two. Since
> they're coming in from outside, you might also want to provide logins
> for them.
>
> HTH,
> --John Allred
>
>
> Rif Kiamil wrote:
> >
> > Dear All,
> >
> > I am current designing our 2nd Intranet and we know it about a years
> time
> > where are going to have Extranet users. I just want to know. Would u
> develop
> > a total separate system for Extranet users or give then access to only
> parts
> > of the Intranet?
> >
> > Any ideas about Security and database design e.g. We have a User Table
> and
> > Employees table. Users are employees that have access to the intranet.
> Where
> > would u put the extranet users in the users table and employees table or
> > create there an extranet user table.
> >
> > Rif
> >
> > Rif Kiamil
> > Head of Network Admin / Project Coordinator of Intranet & Web Based
> > Applications
> > JJ Fast Food Distribution LTD
> > Tele 020 8885 9218 / Fax 020 8885 9213
> >
> >
> >
> --------------------------------------------------------------------------
> ----
> > Archives: http://www.mail-archive.com/[email protected]/
> > To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
>
> --
> John Allred / Jackson, Mississippi
>
> Accessibility Resources:
> HWG's AWARE site - http://aware.hwg.org/
> W3C's WAI site - http://www.w3.org/WAI/
> Campaign for a Non-Browser-Specific WWW -
> http://www.anybrowser.org/campaign/
> --------------------------------------------------------------------------
> ----
> Archives: http://www.mail-archive.com/[email protected]/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
>
**********************************************************************
This email and any attachments are confidential and solely
for the use of the intended recipient. They may contain
material protected by legal professional or other privilege.
If you are not the intended recipient or the person responsible
for delivering to the intended recipient, you are not authorised
to and must not disclose, copy, distribute or retain this email
or its attachments. Although this email and its attachments
are believed to be free of any virus or other defect, it is the
responsibility of the recipient to ensure that they are virus free
and no responsibility is accepted by the company for any
loss or damage arising from receipt or use thereof.
**********************************************************************
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
