All,
I'm in the process of doing some research and planning to upgrade our Web
servers from Windows 2003 to Windows 2008 R2. One of the stumbling blocks that
I've run into so far is how to handle URL authorizations in Windows 2008 using
groups defined within LDAP (we call them User Managed Groups or UMG's).
What we currently do in Windows 2003 is as follows:
• We have a Web-based tool with a SQL back-end that stores a list of
directories that need to be secured, along with a list of UMG's that should
have access to those directories. This, I will call our Access Manager.
• We use URLAuth to query LDAP for a list of groups that the currently
authenticated user, through CoSign, is a member of. If the user belongs to one
of the UMG's that are authorized to have access to a specific directory listed
in our Access Manager, they will be granted access to that resource. If not,
they are denied access and given a 401 unauthorized error.
• We modify the IIS metabase to add in the list of directories that should
be secured, so that IIS knows how to handle them using URLAuth.
Because Microsoft has changed the way URL authorizations work in Windows 2008,
it does not appear that this will work as it had in Windows 2003.
Does anyone have a working solution on how to handle URL authorizations in
Windows 2008 using UMG's?
A colleague of mine here at Penn State has also asked this question in the
past. You can view her message at
http://sourceforge.net/mailarchive/message.php?msg_id=26876552 . We're
basically trying to do the same thing.
Thanks,
Jeremy
----------------------------------------------------------------------------
Jeremy Landes
Programmer/Analyst
Web & Communication Services
Administrative Information Services
Information Technology Services
The Pennsylvania State University
4 Shields Building
University Park, PA 16802
Phone: (814) 863-2887
E-mail: [email protected]
Web: http://ais.its.psu.edu
----------------------------------------------------------------------------
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Cosign-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
