Integrated Windows Authentication - Realistic for internet applications?
Question
I'm reading about how wonderful Integrated Windows Authentication is, but there is only a few comments about how it's only good for intranets. So just to be clear, is it safe to say that this technology is not realistic for internet applications? I'm developing a desktop application that connects with SQL Server and I just can't imagine telling all my customers to configure a windows account on their home PCs according to my specifications. Am I missing somethimg because that seems quite unrealistic.
(of course, where the DBA has a close relationship with the users on an intranet, it's a different story.)
1 answers
solution1
0 2011-04-24 21:51:40
I would have to say yes, Windows Authentication is best left to intranet applications - it's ideal for any authenticated communication that needs to take place on the same network.
It sounds like you want to allow the desktop app (running on your client's machine) to directly talk with your SQL Server? I would strongly recommend against allowing direct public access, especially if you cannot lock the port down to a list of known IP addresses. Instead, consider putting WCF Web Services between the database and the desktop client.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.