Home > Archive > Microsoft Webservices > October 2005 > Web service as intranet security layer interface
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Web service as intranet security layer interface
|
|
|
| Hello. I originally posted this in the security community but I think I
should have posted it here. My apologies for the duplication.
I'm creating our company's intranet and the first thing that I'm tackling is
the security layer.
We will authenticate against Active Directory.
I was thinking about implementing this security layer as an internal web
service, this way our apps (and eventual internet apps) will have one place
to go for authentication.
This web service will be behind our firewall, and not accessible from the
internet.
What are some thoughts out there about this implementation?
Thanks in advance,
Mike
| |
| CESAR DE LA TORRE [MVP] 2005-10-07, 8:05 am |
| It depends of your requirements, but if you have a lot of concurrent users,
calling from a Web-Site Intranet (like ASP.NET or SharePoint) to Web-Services
will decrease your Intranet performance.
You will have much more performance calling from your Web-Site Intranet
(like ASP.NET or SharePoint) directly to Assemblies (bussiness objects
implemented as Class Libraries). Your are calling just through the CLR
instead of going through HTTP within the same server...
On the other hand, using Web Services, you'll have a single way to access to
your business logic (for your Intranet or for Fat clients or for other
Applications or Services).
It depednd of performance issues vs. SOA design and a sinble way of
accessing your business logic...
--
CESAR DE LA TORRE
Software Architect
[Microsoft MVP - XML Web Services]
[MCSE] [MCT]
Renacimiento
[Microsoft GOLD Certified Partner]
"mike" wrote:
> Hello. I originally posted this in the security community but I think I
> should have posted it here. My apologies for the duplication.
>
> I'm creating our company's intranet and the first thing that I'm tackling is
> the security layer.
>
> We will authenticate against Active Directory.
>
> I was thinking about implementing this security layer as an internal web
> service, this way our apps (and eventual internet apps) will have one place
> to go for authentication.
>
> This web service will be behind our firewall, and not accessible from the
> internet.
>
> What are some thoughts out there about this implementation?
>
> Thanks in advance,
>
> Mike
>
>
>
|
|
|
|
|