.net - When is it worth implementing a WIF solution? -


i'm trying build / architect security solution intranet application , i'm wondering if implementing wif level solution worth it, given requirements.
essentially, have following things considerations

  • the general platform asp.net mvc 3 / windows servers / sql server 2008 r2 database.
  • information comes our system outside vendor provides workflow software solution
  • since vendor software covers part of company's typical workflow, they'll sending data rest call. our end uses wcf rest calls receive data.
  • a vpn tunnel supposed built outside vendor's servers part of security.
  • there's pressure top vpn isn't enough security. also, there authorization issues (some users shouldn't have access data), should have identifies users on our end vendor's end insure information right person, proper rights make these changes.
  • the outside vendor has own security system, nothing can tap into, i'm not sure what, if anything, can synchronize security.
  • the piece of workflow pick handled via mvc 3 / sql server.
  • our company uses active directory user management, , i'd if can lean on if possible. ideally, i'd not introduce yet password our users, since they'll have work logins, outside workflow vendor logins, , logins yet other vendors.
  • while solution going part of company i'm in now, might roll out other sister companies under our same active directory.
  • while using workflow solution limited users in active directory, we'd have outside users we'd prefer not give active directory accounts view reports running on ssrs.

sorry if long, hope providing information possible, can best answers / solutions / practices / recommendations possible problem. thanks.

it's worth installing wif if want future proof solution. wif enables claims , microsoft building apps around claims e.g. sharepoint 2010, crm dynamics 2010, office 365 , azure acs built around claims, wif , sts.

once have infrastructure installed, it's relatively easy federate other partners. traditional way enable trust between ad add more , more companies run problems ip, netbios etc. clashes.

wif addresses number of points have raised.

  • allowing external users access without adding them local ad
  • an additional encryption layer on , above iis ssl.
  • allocating roles users authorisation (both coarse , fine grained)
  • sso
  • built around ad

Comments

Post a Comment

Popular posts from this blog

c# - SharpSVN - How to get the previous revision? -

i trying find efficient way previous revision of file text comparison using sharpsvn. using (svnclient c = new svnclient()) { c.authentication.defaultcredentials = new networkcredential( configurationmanager.appsettings.get("svnserviceusername") , configurationmanager.appsettings.get("svnservicepassword") , configurationmanager.appsettings.get("svnservicedomain") ); c.authentication.sslservertrusthandlers += new eventhandler<svnsslservertrusteventargs>(authentication_sslservertrusthandlers); collection<svnfileversioneventargs> fileversioncollection = new collection<svnfileversioneventargs>(); svnrevisionrange range = new svnrevisionrange(0, this.hooks.revision); svnfileversionsargs args = new svnfileversionsargs(); args.retrieveproperties = true; args.range = range; foreach (svnchangeitem item in log.changedpaths) { string path = this.repositorypath + it...
Read more

c++ - Is it possible to compile a VST on linux? -

for class project i'm attempting write vst plugin backed cuda. current cuda workflow on linux box, i'd prefer compile , link there. according wikipedia , should possible (i couldn't find steinberg documentation relevant linux) can't find makefile or instructions on how build if aren't using xcode or visual studio. i'm vst 3 sdk doesn't support linux. when try compile plugin under linux, error: ./base/source/fatomic.cpp:39:30: fatal error: libkern/osatomic.h: no such file or directory this issue caused following code in "vst3 sdk/base/source/fatomic.cpp" #if mac #include <libkern/osatomic.h> #if mac_os_x_version_min_required > mac_os_x_version_10_4 #define native_atomic_type (volatile int32_t*) #else #define native_atomic_type (int32_t*) #endif #elif windows #include <windows.h> #endif but hope compiling under linux work vst sdk 2.4. reading. jvstwrapper seems run on lin...
Read more

url - Querystring manipulation of email Address in PHP -

i using third party application (email2http) send me emailid, body , message. unable retrieve email id due name appended on , enclosed < , >. here querystring getting. test.php?from=ajay+reddy &subject=cx&body=somebody when print variable in php returns name , not email id. $from = $_get['from']; echo $from; //output ajay reddy please suggest me how can emailid also. i dont want use post method due testing , debugging. it's working fine. forgot use htmlentities() in debugging.
Read more