Maddin
|
| Posted: 07/07/2003, 11:56 AM |
|
Hi!
Is there a way to use the NT/2000 Authentication (on PDC 2000 Server) for
CCS-Apps?
The last entry was a year ago.
Greetings from germany
Martin
|
|
|
 |
DonB
|
| Posted: 07/07/2003, 6:05 PM |
|
This is a sticky problem. Aligning Win2K permissions with the code-basd
security that CCS (and every other platform, for the most part) uses is hard
to do. It gets even harder if you want a self-subscribing application as it
would mean creating Windows accounts "on the fly".
I think the rational approach would be to establish security groups (always
a good practice anyway), and implement the global.asa (assuming IIS) so
that the OnSession_Start event in global.asa sets up the session variables
that CCS utilizes. You can resolve security group memberships for users
from the event script without too much trouble, so mapping group names to
specific permission levels in CCS becomes possible letting the two
environments dovetail pretty well.
DonB
"Maddin" <m.das@t-online.de> wrote in message
news:becfp8$vlm$1@news.codecharge.com...
> Hi!
>
> Is there a way to use the NT/2000 Authentication (on PDC 2000 Server) for
> CCS-Apps?
>
> The last entry was a year ago.
>
> Greetings from germany
> Martin
>
>
|
|
|
|
Maddin
|
| Posted: 07/08/2003, 4:40 AM |
|
And what do you think about using LDAP?
"DonB" <7432D63DBB01D03A196B1EDD80E8@comcast.net> schrieb im Newsbeitrag
news:bed5c8$qro$1@news.codecharge.com...
> This is a sticky problem. Aligning Win2K permissions with the code-basd
> security that CCS (and every other platform, for the most part) uses is
hard
> to do. It gets even harder if you want a self-subscribing application as
it
> would mean creating Windows accounts "on the fly".
>
> I think the rational approach would be to establish security groups
(always
> a good practice anyway), and implement the global.asa (assuming IIS) so
> that the OnSession_Start event in global.asa sets up the session variables
> that CCS utilizes. You can resolve security group memberships for users
> from the event script without too much trouble, so mapping group names to
> specific permission levels in CCS becomes possible letting the two
> environments dovetail pretty well.
>
> DonB
>
>
> "Maddin" <m.das@t-online.de> wrote in message
>news:becfp8$vlm$1@news.codecharge.com...
> > Hi!
> >
> > Is there a way to use the NT/2000 Authentication (on PDC 2000 Server)
for
> > CCS-Apps?
> >
> > The last entry was a year ago.
> >
> > Greetings from germany
> > Martin
> >
> >
>
>
|
|
|
|
DonB
|
| Posted: 07/08/2003, 6:17 AM |
|
Yes, that is one of the ways I was alluding to (at least for the "get
membership" side of the problem). I've never tried the user-athentication
that LDAP supports in a web environment. Should work fine, but I haven't
had the occasion to use that approach. I've always just relied on securing
the entire website by specifying NTLM (and/or "Basic") authentication in the
IIS admininstrator.
DonB
"Maddin" <m.das@t-online.de> wrote in message
news:beeak8$dt5$1@news.codecharge.com...
> And what do you think about using LDAP?
>
> "DonB" <7432D63DBB01D03A196B1EDD80E8@comcast.net> schrieb im Newsbeitrag
>news:bed5c8$qro$1@news.codecharge.com...
> > This is a sticky problem. Aligning Win2K permissions with the code-basd
> > security that CCS (and every other platform, for the most part) uses is
> hard
> > to do. It gets even harder if you want a self-subscribing application
as
> it
> > would mean creating Windows accounts "on the fly".
> >
> > I think the rational approach would be to establish security groups
> (always
> > a good practice anyway), and implement the global.asa (assuming IIS) so
> > that the OnSession_Start event in global.asa sets up the session
variables
> > that CCS utilizes. You can resolve security group memberships for users
> > from the event script without too much trouble, so mapping group names
to
> > specific permission levels in CCS becomes possible letting the two
> > environments dovetail pretty well.
> >
> > DonB
> >
> >
> > "Maddin" <m.das@t-online.de> wrote in message
> >news:becfp8$vlm$1@news.codecharge.com...
> > > Hi!
> > >
> > > Is there a way to use the NT/2000 Authentication (on PDC 2000 Server)
> for
> > > CCS-Apps?
> > >
> > > The last entry was a year ago.
> > >
> > > Greetings from germany
> > > Martin
> > >
> > >
> >
> >
>
>
|
|
|
|
|
