mailing list archives
RE: about portal security
From: "Scovetta, Michael V" <Michael.Scovetta () ca com>
Date: Wed, 9 Jun 2004 09:23:04 -0400
You *really* need to define better what you're asking. What kind of
"security" do you have for the portal? For instance, if it's
basic/digest, then it should be fine on the extranet (assuming you have
users on the outside). If it's NTLM/Kerberos, it may have a problem
going through proxies, so you don't want to use them on extranet sites,
usually. A "portal" is usually nothing more than a fancy iframe
framework, but the portal pages are either:
In the former, the request goes right to the extranet site, you'll have
to secure it separately. In the later, you can leverage existing
security (assuming that main-portal.domain.com is on the extranet.
So, there's no quick answer there, sorry.
tel: +1 631 342 3139
cell: +1 813 727 5772
michael.scovetta () ca com
From: info () biledge com [mailto:info () biledge com]
Sent: Wednesday, June 09, 2004 5:27 AM
To: webappsec () securityfocus com
Subject: about portal security
i need to secure a web portal with 7,000 members. certain pages will
and i am not sure if i will need to secure them separately.
if i have security for the portal, does that mean i have security for
part of the portal too ?
thank you for the helps, thank you for no helps too :)
- about portal security info (Jun 09)
- <Possible follow-ups>
- RE: about portal security Scovetta, Michael V (Jun 09)