I'm after comments and suggestions on the way forward on the following. Any information about past experience would be most appreciated.
I'm trying to work out the best way to develop authentication for a WCF project. Currently I have an AD server with a domain setup by our systems admin. I'm not sure if it's AzMan. I'm not really upto speed on it.
I developed the original version under pressure to deliver and wrote a "home-made" AD interface using LDAP and the DirectoryServices classes, on a saturday, which validated the username and password against AD then retrieved the username's roles.
The original project was asmx services based on a previous framework and all worked but very rough and very stiff. We talked about changing the AD schema recently and I started sweating!
I've now replaced asmx with WCF. I'm using...
username authentication custom authentication manager custom authorization manager custom authorization policy
I want to use Role based authorization. I've found the AuthorizationStoreRoleProvider. Can this be used over AD without it being AzMan? The project manager is not keen to change the AD schema. Also, I found the "How To: Use Authorization Manager (AzMan)
with ASP.NET 2.0" which has a "Retired Content" note at the top!
Failing that I could follow the example of something like this (given in http://msdn.
View Complete Post