We’re a smaller shop that puts out a number of products that require
authentication and authorization. We’re currently using a 3rd party
service to “spin up new auth APIs” for each application. However, I
would like to investigate potential designs for doing this ourselves
in-house due to additional security requirements that may be needed in
the future. I’ve included information below and would appreciate any
design or support as I’m relatively fresh with designs of this scale.
Summary of goals:
An interface that allows a developer to create and manage
authentication APIs for multiple applications via a webpage. This
includes the mostly automated process of spinning up new auth APIs,
and ideally the ability to do some form of RBAC / ABAC changes via
All APIs can expose the same common-auth endpoints, so they’re basically just “Images” of one another. (I.e. Login / Register / etc.)
While this would ideally be entirely automated, some parts I’ve thought of being manual are:
* Domain configuration (pointing subdomains to new endpoints)
* Spinning up additional VMs (needed?)
* Spinning up additional DBs or tables?
* Minor configuration changes
* others I haven’t thought of?
- As a Developer, I want to login to a web portal so that I can manage auth APIs.
- As a Developer, I want to create a new API in the web UI, so that I can then integrate it to new applications.
- As a Developer, I want to manage users in the web UI, so I can oversee access to our applications.
- As a Developer, I want to **…
Each new API for the applications should likely have the user stores
(table containing user information) segregated into different
databases stored on separate hardware to minimize attack vectors and
improve security/scaling. For now, I’m thinking of different
subdomains or maybe request parameters to separate the APIs?
I feel like there may be some solution that involves building a
template/image of an Auth API on Azure and just duplicating the VM or
image, but I’m not too sure of this route either. Obviously
management, maintenance, updates, etc. to these would be more
hands-on, but feel free to provide feedback on this as well.
Thanks in advance!
Go to Source
Our Active directory will change the accounts name for example John Doe Jdoe@abcd.com to John.Doe@abcd.com.
My question is do I need to change all the SQL Logins individually or the person can login to SQL server management studio with their old names. What also happens if the login is an owner of a database or job.
Go to Source
We are considerung to build an Windows application that is split in 2 parts:
One part running as a Windows service and the other part as Add-Ins.
There could be different kinds of Add-Ins:
For Microsoft Office, for Microsoft Management Console (MMC) and for the PowerShell.
The service as well as the Add-Ins are digitally signed with a companies certificate and are all running on the same machine.
The service runs in a different user account than the Add-Ins.
The Add-Ins may run in various interactive user accounts.
The Add-Ins need to communicate with the Windows service to exchange a secret that is known to the service only, but is needed at the Add-Ins to get access to some sensitive data.
Therefor the Add-In would connect to the service (via e.g. named pipe) and requests that secret on demand.
But we need to avoid that another application/process does the same and gets the secret.
Only those Add-Ins that belong to our application (that are digitally signed with our certificate) may get the secret. In other words, the Add-Ins need some way to authenticate themself to the service.
So my question is:
How can the Add-Ins authenticate themself to the service while requesting the secret? Is it possible to use the digital signature (or someting else that is unique to them and to the service) for this?
It might get more difficult when considering, that the Add-Ins are hosted by processes that might be signed with different certificates (e.g. Word.exe, mmc.exe, …).
We are implementing on the .NET Framework.
Thanks for any kind of help.
Go to Source
I want to publish this app in the cloud so that others could use it.
The biggest issue I am seeing is the security side as the app needs to authenticate with the remote server (a controller itself) and start sending tasks to the controller that will translate that in internal REST APIs to control for processes on downstream servers
Is there an authentication flow that will guarantee the owners of the controllers that I (the publisher of the front end) do not intercept the authentication flow and I gain unwanted access to their servers ?
My idea is to use a two steps authentication/authorization process like below. Is there a better way?
Please edit this diagram if you have suggestions
Go to Source