473,238 Members | 1,841 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,238 software developers and data experts.

Windows Authetication vs seperate process

I was wondering of someone could steer me in the right direction.

We have a package that we would like to "secure" so that only specific
individuals can access specific portions of the application. Our
wxPython application will revolve around updating a central database
with information submitted from the app. We will eventually have a web
front end fo rsome aspects of the app.

With several packages I have seen options to "Use Windows
Authentication", which seems to mean that "If the user has
authenticated and signed onto Windows, then our application will use
their windows userid and we will just focus on the the tasks within our
application the user is authorized to perform"

Does anyone have any experience using this type of authentication
scheme ?

Any related tips or suggestions ?

I have found a few wikipedia entries, but they seem to be more related
to webpages, etc.

Thanks.

Dec 18 '06 #1
3 978
At Monday 18/12/2006 13:24, im**********@gmail.com wrote:
>With several packages I have seen options to "Use Windows
Authentication", which seems to mean that "If the user has
authenticated and signed onto Windows, then our application will use
their windows userid and we will just focus on the the tasks within our
application the user is authorized to perform"
Search for SSPI. But it may be a bit tricky to get running.
--
Gabriel Genellina
Softlab SRL

__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam ˇgratis!
ˇAbrí tu cuenta ya! - http://correo.yahoo.com.ar
Dec 18 '06 #2
On Monday 18 December 2006 10:24, im**********@gmail.com wrote:
I was wondering of someone could steer me in the right direction.

We have a package that we would like to "secure" so that only specific
individuals can access specific portions of the application. Our
wxPython application will revolve around updating a central database
with information submitted from the app. We will eventually have a web
front end fo rsome aspects of the app.

With several packages I have seen options to "Use Windows
Authentication", which seems to mean that "If the user has
authenticated and signed onto Windows, then our application will use
their windows userid and we will just focus on the the tasks within our
application the user is authorized to perform"

Does anyone have any experience using this type of authentication
scheme ?

Any related tips or suggestions ?

I have found a few wikipedia entries, but they seem to be more related
to webpages, etc.

Thanks.
Using windows authentication IMHO should only be used if there is an Active
Directory/LDAP server set up against which the users are authenticated. I
googled for 'active directory python' and came across
http://tgolden.sc.sabren.com/python/ad_cookbook.html It seems to be very
simple to use.

If I were to implement an authentication system like you want. I would:
1. Check to see if the local machine was part of a domain. If not then inform
the user that they need to be.
2. Check to see if the user who ran the application is part of a specific
group in AD.

I would assign each group a certain 'level' of privilege and accordingly let
the user do what they should be able to do.

I hope this is a good starting point.

- Jonathan Curran
Dec 18 '06 #3

im**********@gmail.com wrote:
>I was wondering of someone could steer me in the right direction.

We have a package that we would like to "secure" so that only specific
individuals can access specific portions of the application. Our
wxPython application will revolve around updating a central database
with information submitted from the app. We will eventually have a web
front end fo rsome aspects of the app.

With several packages I have seen options to "Use Windows
Authentication", which seems to mean that "If the user has
authenticated and signed onto Windows, then our application will use
their windows userid and we will just focus on the the tasks within our
application the user is authorized to perform"

Does anyone have any experience using this type of authentication
scheme ?

Any related tips or suggestions ?

I have found a few wikipedia entries, but they seem to be more related
to webpages, etc.

Thanks.
The pywin32 package includes the functions needed to do this type of
authentication. See \win32\Demos\security\sspi for some examples that
work out of the box with NTLM.

Roger


----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Dec 20 '06 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Luis Carvalho | last post by:
Hi!! I'm developping a web app that uses the windows authetication to manage it's permissions. In other words, I want only the users that can get in my win2000 machine to be able to access the...
0
by: Luis Carvalho | last post by:
Hi!! I'm developping a web app that uses the windows authetication to manage it's permissions. In other words, I want only the users that can get in my win2000 machine to be able to access the...
2
by: =?Utf-8?B?dmlzaHJ1dGg=?= | last post by:
Hi, I have 2 applications running, one Windows application project and the other windows services project. I want to call my Windows application in my windows services. I want to run them as...
1
by: =?Utf-8?B?dmlzaHJ1dGg=?= | last post by:
Hi, I have 2 applications running, one Windows application project and the other windows services project. I want to call my Windows application in my windows services. I want to run them as...
0
by: jianzs | last post by:
Introduction Cloud-native applications are conventionally identified as those designed and nurtured on cloud infrastructure. Such applications, rooted in cloud technologies, skillfully benefit from...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.