Results 1 to 3 of 3

Thread: Advice on Security Settings

  1. #1

    Thread Starter
    Lively Member
    Join Date
    Sep 2002
    Posts
    66

    Advice on Security Settings

    I need to create a web app that will be accessed by employees. We run dual platform W2K and Mac OS.

    Our apps will use IIS 5, Sql Server 2K and Active Directory. All employees have a domain account in Active Directory. We use Windows authentication with Sql Server.

    What would be the best form of authentication? I would want the windows users to automatically be authenticated without the user entering information. I would want MAC users to enter their username and password once and not need to enter it again.

    Anynomus access is turned off on IIS and the web config file has deny unknown users. How does Passport authentication work? Is the information stored on the server, local machine? how does it work with non windows OS?

    Thanks for your advice.
    Jason Meckley
    Database Analyst
    WITF

  2. #2
    Lively Member
    Join Date
    Sep 2002
    Location
    Belgium
    Posts
    99
    Hi,


    it's me again. Still messing around with that damned security ?

    In your webconfig, you can put this line :

    <authentication mode="Windows" />

    So you'll need to be authenticated in Windows to access the page.

    If you need security on certain directories, files then you can set this security in you Windows security settings on those directories. If someone wants to access a directory then they will receive 'Access denied'.

    If you're working in a windows environment, then there's no need to implement passport authentication and so on. I'm not sure how you could solve it with your mac users. I should say... Just try 'n test it !

    HTH

  3. #3
    Addicted Member Nigh™a®e's Avatar
    Join Date
    Feb 2002
    Location
    Belgium
    Posts
    175
    Set your application to windows authentication in your web.config file.

    Goto security settings of your site (iis manager)
    Disable anonymouse and check on digest authentication for auto login using domain accounts.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width