[ale] Would like to get some insight on a current project

[Jonathan Rickman]

Forgot to mention Authorization Manager (Microsoft). You can read up
on it and see if it might be the answer. I have not put it to the test
yet because I have found no pressing need for it. It is a full RBAC
system that can be integrated with IIS6 to provide seemingly limitless
control over access to URLs. I believe it is a .NET only thing, but I
don't know enough about it to be sure.

--
Jonathan


On Tue, 1 Mar 2005 17:39:55 -0500, Jonathan Rickman <jrickman at gmail.com> wrote:
> This sounds like a job for client side certificates. I'm not aware of
> any method for doing what you need to do natively other than that.
> Other than certs, you'll probably have to do it in app code.
> 
> --
> Jonathan
> 
> 
> On Tue, 01 Mar 2005 22:11:26 +0000, mmillard1 at comcast.net
> <mmillard1 at comcast.net> wrote:
> >
> > I have a project going where I have to put an IIS Server up with Internet
> > access enabled.  There are users created on the server using a Custom SQL DB
> > with Encrypted Passwords.
> >
> > I put it behind a SSL VPN ( with it's own password scheme ) which is also
> > sitting behind my Firewall.  My problem suddenly appeared when management
> > decided to allow only some users access from the Web and not others.
> >
> > Within IIS there is no built in way to determine internal or External that I
> > am aware of at least.
> >
> > I have been looking at using an ISS Box I have to monitor traffic looking
> > for the login strings which are not allowed and then kill traffic on the
> > threads.  I was wondering if there is anything out there in the Linux world
> > that might help me get where I have to get without using such expensive
> > ports.  I also wasn't sure that I might not find a cleaner easier solution
> > in the Linux world.  Any ideas or thoughts would be very much appreciated.
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
> >
> >
>