Hi all I've been having a discussion with another user and it brought up some interesting questions in my mind regarding the two main types of authentication (I know passport is another option, but lets leave that out of this for now): 1 - Why use windows authentication?
- I haven't been able to think of a scenario where I would prefer to use windows authentication in a web app, can somebody who's actually used it maybe comment on this? 2 - Windows authentication dependencies. If I decide to use windows authentication, I may
want to create a new user group called 'MyWebAppSuperUsers' and assign all domain users who are super users to the group. Then if a user belongs to this group, I could allow them access to certain functions. Doesn't this put too much responsibility on the
network admin staff. Suddenly they're not only having to look after authentication on the network, but also on every single app the company is using. Traditionally this responsibility would be split between the 'owners' of different apps. So someone in the
purchasing department will control access and permissions in the purchasing system etc. etc. With windows authentication it just seems to me that the workload on network admin will increase and they may not really be in a position to know what they're doing
without actually knowing a fair deal about every application in the company. Any comments? Maybe I'm a bit biased here, because I've only used forms based authentication and I've been very happy with it and at the same time we've been having endless problems
with windows authentication on our w2k domain. Cheers
Windows Auth would be good for an Intranet where there are already a bunch of unique user accounts created. This way they can use a single-logon (u/p) to access the resources instead of remembering a different username/password.
notsocleverd...
Member
305 Points
61 Posts
Authentication: Forms vs. Windows
Aug 01, 2003 11:26 AM|LINK
sbradk
Participant
1110 Points
224 Posts
ASPInsiders
Re: Authentication: Forms vs. Windows
Aug 02, 2003 04:24 PM|LINK
MCSE, ASPInsider
www.orcsweb.com