Authentication


Enterprise Services applications use Windows authentication. This is either NTLM or Kerberos authentication depending on the client and server operating system. In Windows 2000 or Windows Server 2003 environments, Kerberos authentication is used.

The main issue for you to consider when building serviced components is to ensure that all calls are authenticated to prevent anonymous users from accessing your component's functionality.

Use (At Least) Call Level Authentication

To reject anonymous callers, use at least call level authentication. Configure this setting by adding the following attribute to your serviced component assembly:

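 using System.EnterpriseServices;
 // Authenticate every call so that anonymous callers are rejected.
 [assembly: ApplicationAccessControl(
     Authentication = AuthenticationOption.Call)]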
Note: This is equivalent to setting Authentication level for calls to Call on the Security tab of the application's Properties dialog box in Component Services.
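
The attribute only supplies the value written to the COM+ catalog at registration, and an administrator can later lower it in Component Services. The following added example (not code from the book) shows a serviced component that also verifies the authentication level at run time. The application name, interface and class names are hypothetical, and the check assumes role-based access checks are enabled for the application so that a security call context exists.

```csharp
// Added example. "OrderService", IOrders and Orders are hypothetical names.
// Serviced component assemblies must be strong-named before registration.
using System;
using System.EnterpriseServices;

[assembly: ApplicationName("OrderService")]
[assembly: ApplicationActivation(ActivationOption.Server)]
// The setting described above: authenticate every call.
[assembly: ApplicationAccessControl(
    Authentication = AuthenticationOption.Call)]

public interface IOrders
{
    string WhoAmI();
}

public class Orders : ServicedComponent, IOrders
{
    // Returns the Windows account of the authenticated direct caller.
    public string WhoAmI()
    {
        RequireAuthenticatedCall();
        return SecurityCallContext.CurrentCall.DirectCaller.AccountName;
    }

    // Fails closed if the catalog settings were weakened after deployment.
    private static void RequireAuthenticatedCall()
    {
        // Assumption: access checks are enabled for the application.
        // Without them there is no security call context to inspect.
        if (!ContextUtil.IsSecurityEnabled)
        {
            throw new UnauthorizedAccessException(
                "COM+ security is disabled for this application.");
        }

        // Lowest authentication level used anywhere in the call chain.
        int level = SecurityCallContext.CurrentCall.MinAuthenticationLevel;
        if (level < (int)AuthenticationOption.Call)
        {
            throw new UnauthorizedAccessException(
                "Call was authenticated below Call level.");
        }
    }
}
```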




Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613
