Example: Securing an Intranet or Extranet Portal
To illustrate the ideas outlines in this chapter, let's create a small demo portal site that demonstrates the following:
Authenticating users with Windows authentication turned on in all tiers on our system
Flowing user identity through the system layers
Authorizing users and protecting system resources based on the caller's role
Personalizing the portal based on caller identity and user profiles stored in the SQL Server database
Because it will be an intranet/extranet portal, we have good control over the user base and the environment. We can use Windows authentication in IIS, the ASP.NET application, and SQL Server. This option provides tight security and comes to us at no cost. With Windows authentication ...
Get Building Portals, Intranets, and Corporate Web Sites Using Microsoft Servers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.