It's official, I have drunk the federation kool-aid
Monday, April 21, 2008 at 02:41PM
In a meeting today discussing a B2B web app for which we have deployed and are maintaining an extranet AD to facilitate logons:
Me: "So what mechanism are you using to determine when these extranet accounts should be disabled/deleted?"
Them: "Uhhh...why would we need..."
Me: "You know, such as when an employee is fired from the partner and their account on our extranet is still allowing them to access our BI data?"
Them: *uncomfortable silence*
Me: "And what mechanism is our Help Desk meant to use to determine whether a password reset call 3 months from now is originating from someone who is still employed by the partner?"
Them: *uncomfortable silence*
Here's the problem, though. My next question, namely "Can we use WS-Federation here, instead?" was met by a staggering blank stare from the vendor. So while I've pointed out the weaknesses created by a lack of federation, I appear to be unable to take the next step forward to address said. Very frustrating.
Reader Comments (2)
Muuhahhhahhhah