Reputation: 1792
Is AzMan being deprecated as the role based authorization technology for Windows apps?
There doesn't seem to have been any new development on AzMan for a few years now. I'm wondering if it is still the recommended solution for implementing role based authorization for a Windows application using AD authentication? Windows Identity Framework with claims-based authorization seems like overkill for fairly simple intranet applications, but seems to be where MS is focusing now.
Upvotes: 3
Views: 653
Answers (1)
Reputation: 4993
The lack of new development doesn't always mean a change in direction, in this case I believe it is simply a matter of product stability. AzMan hasn't changed what/how it performs its tasks in quite some time. .NET 3.0 Added some functionality where developers could access AzMan features in a more .NET Friendly manner.
I think that you are right that WIF is overkill for a single intranet application - but if you are developing several applications then the Claims Based mechanism becomes vital to the agility of the security infrastructure. If all of your intranet applications were claims-aware, it would enable the security infrastrucure to more easily move from shared secrets to a hardware token/biometric/whatever-tomorrow-brings style of authentication without any change in the applications themselves.
Upvotes: 1
Related Questions
- Azman Obsolete? What is the new alternative to Azman?
- AzMan versus Windows Identity Foundation
- Security Concerns For AZ Man On Winforms Project
- Is Windows Authorization Manager (AzMan) Obsolete? Is it good to use in a new ASP.NET application?
- Azman on a resource level
- Use AzMan RoleManager in conjunction with default ASP.NET Membership
- Microsoft.Interop.Security.AzRoles in Server 2008/Windows 7
- Where is microsoft.interop.security.azroles on Server 2008 R2?
- ASP.NET role based security with AzMan and AD roles
- Authorization and Entitlement solution on .Net like earlier in AzMan