Hi,
I am trying to develop architecture for web applications. I have written a module for providing security for the web applications. I am exposing both logging and authentication as windows services. Logging is handled by a logging service, which receives asynchronous requests. Authentication is handled by a security service, which receives synchronous requests from the applications that need to be authenticated.
Is it a good idea to expose authentication as a windows service
Thank you very much for your time.
Chinna
Security for web application
OneDeveloper
How can you make sure an hacker will call your windows service to check if she is allowed to do anything [you probably can't]
take a look here for an intoduction to authorization and authentication in ASP.NET
Arnon
Devapriya De Silva
Is it a good idea to expose authentication as a windows service
For authentication you better can use the standards [Forms, Windows] it's tested. For authorization you can build what ever you want, but I still think you better can use the standard way [.NET Rolls, URL Auth, File Auth]. When you don't need extra extra extra security.