I'm wondering if there are sec开发者_JS百科urity (or otherwise) advantages of using an ADAM (Active Directory Application Mode) store for asp.net membership. I'm afraid that setting up the ADAM store is more difficult than the default aspnet_regsql scripts for a default membership database, but i will prefer the more secure solution.
Wich of the two is the more secure?
I think it's less of a security more of a application issue. AFAIK you would use AD in an environment where you would share the user and security related information with other applications - like the OS. SQLServer setup probably more useful in a isolated application (or applications) scenario.
It's not so much a security issue as a functional issue.
ADAM provides a more granular approach to security. The membership provider let's you assign Roles. ADAM does this as well, but it goes further in allowing you to create actions that can be assigned to multiple roles.
This means you can do things like enable a button on a page for everyone who has a particular Action. And that the action might be assigned to multiple roles. Which basically means ADAM can provide a much richer way to slice security up in your app.
精彩评论