473,326 Members | 2,104 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

Switch Between Integreated Auth and FBA

I'm writing a web app that will be distributed and I want to allow the
installer to choose between using Integrated Authentication, or FBA.
Switching between those with web.config is obviously very easy. I'm trying
to decide how best to architect the database and code to accept either a
windows-sid or a UserID from the aspnetdb.

For example WSS 3.0 allows both windows integrated authentication, or FBA
using any membership provider. How do they handle that in their database
architecture? Are there any good guides on the web to provide some guidance?

Sep 16 '08 #1
4 893
One easy way to do this is use the least popular as a fallback. Another
means of achieving it is to place the site in two locations (one accessible
from the Internet, the other not) and use the security applicable to the
zone. This is also the most secure, as you are not allowing Intranet users
to get in via the Internet.

--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA

Subscribe to my blog
http://feeds.feedburner.com/GregoryBeamer#

or just read it:
http://feeds.feedburner.com/GregoryBeamer

********************************************
| Think outside the box! |
********************************************
"-Steve-" <nn**@dosomethingwiththis.miisconsultant.comwrot e in message
news:uP**************@TK2MSFTNGP03.phx.gbl...
I'm writing a web app that will be distributed and I want to allow the
installer to choose between using Integrated Authentication, or FBA.
Switching between those with web.config is obviously very easy. I'm trying
to decide how best to architect the database and code to accept either a
windows-sid or a UserID from the aspnetdb.

For example WSS 3.0 allows both windows integrated authentication, or FBA
using any membership provider. How do they handle that in their database
architecture? Are there any good guides on the web to provide some
guidance?
Sep 16 '08 #2
Small clarification. I don't want to allow both Integreated Auth and FBA at
the same time, I want to allow the admin who installs the site to choose
either Integrated Auth or FBA.

The issue I run into is how to handle these kind of things, espically in the
database.
"Cowboy (Gregory A. Beamer)" <No************@comcast.netNoSpamMwrote in
message news:ex**************@TK2MSFTNGP06.phx.gbl...
One easy way to do this is use the least popular as a fallback. Another
means of achieving it is to place the site in two locations (one
accessible from the Internet, the other not) and use the security
applicable to the zone. This is also the most secure, as you are not
allowing Intranet users to get in via the Internet.

--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA

Subscribe to my blog
http://feeds.feedburner.com/GregoryBeamer#

or just read it:
http://feeds.feedburner.com/GregoryBeamer

********************************************
| Think outside the box! |
********************************************
"-Steve-" <nn**@dosomethingwiththis.miisconsultant.comwrot e in message
news:uP**************@TK2MSFTNGP03.phx.gbl...
>I'm writing a web app that will be distributed and I want to allow the
installer to choose between using Integrated Authentication, or FBA.
Switching between those with web.config is obviously very easy. I'm
trying to decide how best to architect the database and code to accept
either a windows-sid or a UserID from the aspnetdb.

For example WSS 3.0 allows both windows integrated authentication, or FBA
using any membership provider. How do they handle that in their database
architecture? Are there any good guides on the web to provide some
guidance?

Sep 16 '08 #3
they use the factory pattern. the factory returns an interface, and looks in
the web.config (or other) to know what type of real object to create.

google factory pattern or test first design (which use the factory pattern)
to get better understanding.

-- bruce (sqlwork.com)
"-Steve-" wrote:
Small clarification. I don't want to allow both Integreated Auth and FBA at
the same time, I want to allow the admin who installs the site to choose
either Integrated Auth or FBA.

The issue I run into is how to handle these kind of things, espically in the
database.
"Cowboy (Gregory A. Beamer)" <No************@comcast.netNoSpamMwrote in
message news:ex**************@TK2MSFTNGP06.phx.gbl...
One easy way to do this is use the least popular as a fallback. Another
means of achieving it is to place the site in two locations (one
accessible from the Internet, the other not) and use the security
applicable to the zone. This is also the most secure, as you are not
allowing Intranet users to get in via the Internet.

--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA

Subscribe to my blog
http://feeds.feedburner.com/GregoryBeamer#

or just read it:
http://feeds.feedburner.com/GregoryBeamer

********************************************
| Think outside the box! |
********************************************
"-Steve-" <nn**@dosomethingwiththis.miisconsultant.comwrot e in message
news:uP**************@TK2MSFTNGP03.phx.gbl...
I'm writing a web app that will be distributed and I want to allow the
installer to choose between using Integrated Authentication, or FBA.
Switching between those with web.config is obviously very easy. I'm
trying to decide how best to architect the database and code to accept
either a windows-sid or a UserID from the aspnetdb.

For example WSS 3.0 allows both windows integrated authentication, or FBA
using any membership provider. How do they handle that in their database
architecture? Are there any good guides on the web to provide some
guidance?


Sep 16 '08 #4
If you mean install time, you can alter the config at install. If that is
not an option, use a local.config file (you leave that file when you
update).

If you mean have it so the site can do both, I like Bruce's suggestion of a
factory pattern triggered by a config element. Another method is to set it
up using a provider model and having two branches. Simply add the version
that fits the site. This can be done at install time (if using install) or
you can ship the product differently if it is a copy and paste job (by ship,
I mean in general, as you may be the shipper).

Is that more inline with what you were looking at?

--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA

Subscribe to my blog
http://feeds.feedburner.com/GregoryBeamer#

or just read it:
http://feeds.feedburner.com/GregoryBeamer

********************************************
| Think outside the box! |
********************************************
"-Steve-" <nn**@dosomethingwiththis.miisconsultant.comwrot e in message
news:ez**************@TK2MSFTNGP02.phx.gbl...
Small clarification. I don't want to allow both Integreated Auth and FBA
at the same time, I want to allow the admin who installs the site to
choose either Integrated Auth or FBA.

The issue I run into is how to handle these kind of things, espically in
the database.
"Cowboy (Gregory A. Beamer)" <No************@comcast.netNoSpamMwrote in
message news:ex**************@TK2MSFTNGP06.phx.gbl...
>One easy way to do this is use the least popular as a fallback. Another
means of achieving it is to place the site in two locations (one
accessible from the Internet, the other not) and use the security
applicable to the zone. This is also the most secure, as you are not
allowing Intranet users to get in via the Internet.

--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA

Subscribe to my blog
http://feeds.feedburner.com/GregoryBeamer#

or just read it:
http://feeds.feedburner.com/GregoryBeamer

********************************************
| Think outside the box! |
********************************************
"-Steve-" <nn**@dosomethingwiththis.miisconsultant.comwrot e in message
news:uP**************@TK2MSFTNGP03.phx.gbl...
>>I'm writing a web app that will be distributed and I want to allow the
installer to choose between using Integrated Authentication, or FBA.
Switching between those with web.config is obviously very easy. I'm
trying to decide how best to architect the database and code to accept
either a windows-sid or a UserID from the aspnetdb.

For example WSS 3.0 allows both windows integrated authentication, or
FBA using any membership provider. How do they handle that in their
database architecture? Are there any good guides on the web to provide
some guidance?

Sep 17 '08 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
by: Steven Stern | last post by:
I'm looking for a way to force basic http autentication from within a PHP script. Here's the situation: I have an exisiting system that first authenticates people via the aMemberPro package....
4
by: jsWalter | last post by:
I have an extension Class to Auth and I'm looking for some folks to hammer on it a bit and give feed back. Class: AuthUser - add user (well, Auth does that now, so its gone) - remove user...
0
by: David Geller | last post by:
Hi, I had been using smptlib to send email via my covad relay previously (several months ago), and it worked fine. Covad requires authentication, and this was accomplished fine with...
0
by: Ciaran McAuliffe | last post by:
Hey, I have a bit of a tricky problem, here is a quick overview. I have a website which connects to a webservice, this web service is a front for access to the Reporting Services Web Service, the...
4
by: 23s | last post by:
I had this problem in the past, after a server reformat it went away, and now after another server reformat it's back again - no clue what's doing it. Here's the flow: Website root is public, no...
10
by: Henk van Lingen | last post by:
Hi, docs say (19.2.1): When trust authentication is specified, PostgreSQL assumes that anyone who can connect to the server is authorized to access the database as whatever database user he...
0
by: kevin bailey | last post by:
I have a framework working where I have multiple pages each checking the authentication status. Unauthorised users are redirected to a login page - otherwise the requested page is shown. ...
1
by: kevin bailey | last post by:
I have used the PEAR Auth package to successfully set up authentication. <code> // Details of where the authentication details are stored. $options = array( 'dsn'...
3
by: hakan | last post by:
I've started playing with the Auth module, and I have a quick question before I go any deeper. Is it possible to embedd the Auth login form in an HTML page? I would like to put a login form in a...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.