I’ve been reading Craig McMurtry’s series on Application Security. It is interesting stuff, especially the use of ADAM as repository for application security information. I certainly can understand why you would want to store user information in a central repository, but I am still struggling with the idea of storing all of the authorization information outside of the application database. What happens in a multi-database scenario? A user may have access rights to certain information in a database for one company, but not in the database for another company. Also, by moving the roles and role assignments out of the database, when I back up the database, I don’t back up that information. I guess if ADAM actually ran in Windows 2000 server I would be a bit more concerned, but at this point it is going to be a few more years before the majority of my clients are running W2K3 server.
October 31, 2004 Uncategorized Comment off Darrel Miller
Application Security
Related Blog
Best Practices for Legacy System Migration
August 17, 2024
Computer-Assisted Learning: Key Statistics and Trends
August 15, 2024
How to Build a Big Data
August 13, 2024