B
Brad Leach
Greetings,
I am developing a new Authentication/Authorization scheme for a series of
applications. I wanted to use a Web Service to Authenticate users, and use a
GenericPrinciple on the trusted web service consumer to check for specific
roles.
I have run into a problem, in that I can't return a GenericPrincipal to the
consumer (due to XML Serialization). I am considering returning a custom
"User" Business Object (containing the username and roles) that can be
translated into a GenericPrincipal on the consumer side. However, I wanted
to see what other people had done in this case.
Are you using custom business objects, or some other mechanism when you use
Xml Web Services to authenticate users and get a list of roles for that
user?
Thanks,
-Brad
I am developing a new Authentication/Authorization scheme for a series of
applications. I wanted to use a Web Service to Authenticate users, and use a
GenericPrinciple on the trusted web service consumer to check for specific
roles.
I have run into a problem, in that I can't return a GenericPrincipal to the
consumer (due to XML Serialization). I am considering returning a custom
"User" Business Object (containing the username and roles) that can be
translated into a GenericPrincipal on the consumer side. However, I wanted
to see what other people had done in this case.
Are you using custom business objects, or some other mechanism when you use
Xml Web Services to authenticate users and get a list of roles for that
user?
Thanks,
-Brad