Alright I've been reading up and taking notes. And here's what I get. If I want to integrate Windows authentication with a file or directory or even a whole site, just set the security to basic authentication and choose your domain that you want to gather your authentication from. That's nice but since the password is sent as clear text it's a big security hazard.
Other items for logon that I've seen is to create a database of users and have your members pages authenticate using the session variable you set upon logging on. That is apparently the better of the two options.
Now. What I was thinking, was to take a simple authentication snippet for ADSI and depending on that, log in and set a session variable. such that I don't have to maintain a separate database of users and have the functionality of ADSI if I ever need it.
What do you all think? Any hazards pitfalls or warnings I should know about?
I'd also like som information on SSL or any other secured communication line like kerberos that I can implement into my site.
Thanks in advance.
Martin
Other items for logon that I've seen is to create a database of users and have your members pages authenticate using the session variable you set upon logging on. That is apparently the better of the two options.
Now. What I was thinking, was to take a simple authentication snippet for ADSI and depending on that, log in and set a session variable. such that I don't have to maintain a separate database of users and have the functionality of ADSI if I ever need it.
What do you all think? Any hazards pitfalls or warnings I should know about?
I'd also like som information on SSL or any other secured communication line like kerberos that I can implement into my site.
Thanks in advance.
Martin
