I'm trying to determine the best way to set up an IIS
virtual directory that will host a remote data portal. I have no need for
the user's identity in the DataPortal_XYZ methods so I'm leaning toward
enabling anonymous access to the virtual directory and restricting access to
the IP addresses of our web servers.
I assume this is secure because the application performs authorization checks
before calling any of the DataPortal_XYZ() methods.
Is this a valid assumption? Does anyone have an opinion on this setup
from a security standpoint?
If you need true security then the only answer is SSL. That's the only way to protect the data on the wire with Remoting over HTTP.
If all you need is authentication then you can use either Windows or custom authentication. The primary difference between them is that with custom authentication the user's credentials are passed over the wire in cleartext. This is an obvious security hole and the answer is to use SSL to protect the data on the wire.
An alternative, if you are using CSLA .NET 2.0, is to use the Enterprise Services channel and configure your COM+ application to use a secure connection, or to adapt the Web Services channel to use WSE 3.0, which provides support for a secure connection.
Ultimately you need to decide if you are worried about someone sniffing the data on the wire or not. If not, then custom authentication will be fine. If are are worried about someone sniffing the data on the wire then you need to take steps.
I'm primarily concerned with authentication. My hang-up
is caused by the environment that I have to work with. The web server is in a
DMZ and the website uses windows authentication with local user accounts. The application
server is in a separate domain.
What do you think about enabling anonymous access to the virtual directory that
hosts the remote data portal and depending on the business objects to prevent
unauthorized users from calling the DataPortalXYX() methods?
Copyright (c) Marimer LLC