28.4. Security Broker Component Construction
The security broker can be designed in many ways. One of the best techniques is to expose the authentication service as a Web service and use this Web service for all of your applications. A more integrated approach is to use the Active Directory service and Microsoft’s role-based security model. Each approach has pros and cons. The integrated approach uses existing tools but incurs licensing fees and possible update issues. The custom security Web service requires a unique security design for each company. The CRSS application would be overly complicated if you implemented a full security model: A stub is provided that simply passes the request through. Listing 28.6 is the stub that fulfills the ...
Get XML Schema Complete Reference, The now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
