Security

The Commerce Server Business Desk Framework supports hiding modules in the navigation pane from users who should not have access to them. This is accomplished using NT file system (NTFS) Access Control Lists (ACLs) on the files that serve as the entry point for each module. For example, if a user does not have read permission on the entry point file associated with a module, that module will not appear in the navigation pane, and the user will not be able to access it. The user may not even know that such a module exists.

It is important to consider applying the appropriate access control to more files than just the entry point files. A better strategy is to establish the appropriate ACLs at the (Business Desk module) folder level so that all the contained files are similarly protected. This helps prevent users from circumventing Business Desk security mechanisms by trying to directly access module pages other than through the entry point page.
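One way to audit the folder-level strategy described above is sketched below. It is an added example, not code from the Commerce Server documentation. `$ModuleRoot` is a placeholder for the folder that holds the Business Desk module folders, and the function name `Get-AclSignature` is hypothetical. The script reports files that carry their own ACL instead of inheriting the folder's, and files whose ACL differs from the rest of their module.

```powershell
# Added example. $ModuleRoot is a placeholder; point it at the folder that
# contains one subfolder per Business Desk module in your installation.
param([string]$ModuleRoot = 'D:\PLACEHOLDER\bizdesk-modules')

function Get-AclSignature {
    # Reduce a file's DACL to a comparable string plus inheritance facts.
    param([string]$Path)
    $acl  = Get-Acl -LiteralPath $Path
    $aces = $acl.Access | ForEach-Object {
        '{0}:{1}:{2}' -f $_.IdentityReference, $_.AccessControlType, $_.FileSystemRights
    } | Sort-Object -Unique
    [pscustomobject]@{
        Path      = $Path
        Signature = ($aces -join '; ')
        Protected = $acl.AreAccessRulesProtected                       # inheritance blocked
        Explicit  = @($acl.Access | Where-Object { -not $_.IsInherited }).Count
    }
}

foreach ($module in Get-ChildItem -LiteralPath $ModuleRoot -Directory) {
    $files = @(Get-ChildItem -LiteralPath $module.FullName -File -Recurse |
        ForEach-Object { Get-AclSignature -Path $_.FullName })
    if ($files.Count -eq 0) { continue }

    # Finding 1: files that are not governed purely by the folder-level ACL.
    $files | Where-Object { $_.Protected -or $_.Explicit -gt 0 } | ForEach-Object {
        [pscustomobject]@{
            Module  = $module.Name
            Finding = 'Explicit ACEs or inheritance blocked'
            Path    = $_.Path
            Acl     = $_.Signature
        }
    }

    # Finding 2: files whose ACE set differs from the most common one in the module,
    # for example an entry point that is locked down while sibling pages are not.
    $groups = @($files | Group-Object -Property Signature |
        Sort-Object -Property Count -Descending)
    $groups | Select-Object -Skip 1 | ForEach-Object { $_.Group } | ForEach-Object {
        [pscustomobject]@{
            Module  = $module.Name
            Finding = 'ACL differs from rest of module'
            Path    = $_.Path
            Acl     = $_.Signature
        }
    }
}
```

An empty result means every file in each module folder inherits the same ACL; any row returned is a page whose protection does not match its module and should be reviewed.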

If users try to display a page to which they do not have access rights, a custom Business Desk error page is displayed.

Note

  • Business Desk Framework does not implement any security mechanisms. Rather, it provides a mechanism for preventing individuals from seeing Business Desk modules that are outside their areas of responsibility. Microsoft Internet Information Services (IIS), Microsoft Windows 2000 (for example, using ACLs and authentication), and Microsoft SQL Server should be used to provide security.

Consider the following additional points when determining security requirements for a particular instance of Business Desk:

  • Most databases allow some type of security to be implemented at the level of the data fields. A new Business Desk module could be written such that it handled data protection at this level; however, the modules that ship with Microsoft Commerce Server 2000 do not implement this level of security, and would need to be modified to do so.

  • Care should be taken to supply the correct ACLs for all relevant Business Desk folders, regardless of whether any module entry point files exist in those folders.

  • If the user connects to Business Desk from the Internet via an unauthenticated session, Internet Explorer prompts for the user name, password, and domain name in order to authenticate the user for the Business Desk application.

  • When the user is already logged on to the local network, an account context is implicit and that context is used for transparent validation of the authenticity of the user.

