我正在为我的公司开发一个基于 Web 的 Intranet。我只想知道用户使用活动目录登录详细信息登录应用程序是一件好事,还是我应该与应用程序数据库一起创建登录名。如果有什么比这更好的,请提出建议。这是我的第一个应用程序开发,所以需要有经验的人的帮助。
jazzrai
问问题
4754 次
6 回答
2
Only use Active directory for your intranet, if you infrastructure supports it.
You question is phrased as if you think the user to type there password in again to login to the intranet site - they should not do this! have windows pass on the credentials automatically. This is pretty much built in to dotnet/iis/etc.
Also AD will add group management a privledges so you can restrict areas of you intranet to members of certain groups.
And you support team already have the tools to manage all this.
PS you can enable FireFox to auto log on via NTLM and it is one of the most requested features for Chrome too so don't let browser issues put you off
于 2008-10-07T20:56:58.007 回答
2
There are several pros using Active Directory authentication in the intranet.
Thoses are the main ones:
- You want to to keep authentication stores number as low as possible
- Using Active Directory, users who have their desktop in the domain (as they should) will be able to use Integrated Windows Authentication. They will be able to log in without having to type their password.
- An Active Directory authentication mechanism probably exists for your language
More information:
于 2008-10-07T21:02:07.200 回答
2
一般来说,尽量减少人们需要拥有的帐户数量是个好主意。
所以我肯定会尝试使用他们的活动目录登录。
此外,如果需要,您可以使用各种单点登录方法自动将人们登录到您的应用程序中。(或者集成到 IIS 中,或者其他。)。
这使得应用程序非常有用,因为人们总是忘记登录详细信息,并且讨厌再次登录到其他系统。
于 2008-10-07T20:53:42.087 回答
1
如果您创建一个单独的登录系统,那么您的用户必须记住 2 个不同的登录。当他们的“真正”登录就在眼前时,为什么还要麻烦呢?
于 2008-10-07T20:49:39.957 回答
1
更少的代码供您编写并更好地集成到更广泛的系统中。而且,谁不想记住更少的密码。
于 2008-10-07T20:50:56.553 回答
0
Definitely go for the Active Directory option, or use Active Directory as an LDAP server if whatever language you're using doesn't directly support AD. Active Directory actually makes a pretty good LDAP server.
If there is anything better that this please suggest.
OpenID?...
于 2008-10-07T21:04:51.517 回答