Menu
There doesn't seem to have been any new development on AzMan for a few years now. I'm wondering if it is still the recommended solution for implementing role based authorization for a Windows application using AD authentication? Windows Identity Framework with claims-based authorization seems like overkill for fairly simple intranet applications, but seems to be where MS is focusing now.
513
The lack of new development doesn't always mean a change in direction, in this case I believe it is simply a matter of product stability. AzMan hasn't changed what/how it performs its tasks in quite some time. .NET 3.0 Added some functionality where developers could access AzMan features in a more .NET Friendly manner.
I think that you are right that WIF is overkill for a single intranet application - but if you are developing several applications then the Claims Based mechanism becomes vital to the agility of the security infrastructure. If all of your intranet applications were claims-aware, it would enable the security infrastrucure to more easily move from shared secrets to a hardware token/biometric/whatever-tomorrow-brings style of authentication without any change in the applications themselves.
110
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
