Need help witih outside customer authentication ideas.
Here is my situation. My company has thousands of customers. We have some old legacy ecommerce applications we are moving off of that had local authentication and it was maintained on a per customer basis.
We are trying to figure out how going forward to controll access to our company resources that customers might need access to through a single logon. Here are some exmples.
1. We have an image repository with a shopping cart and customers may want to grab images and download them for use on their own websites but this repository needs to be authenticated to. It can use ldap.
2. The Ecommerce site I mentioned needs authentication possibly ldap there.
3. Possibly other resources our customers may need access to.
So, I've mentioned LDAP in the above comments which leads me to AD. How do companies manage logins by people that are not an employee of their company? Is it possible to create a seperate domain and use trusts to allow access to multiple resources?
We can't be the only one's that have this problem.
Thanks..
We are trying to figure out how going forward to controll access to our company resources that customers might need access to through a single logon. Here are some exmples.
1. We have an image repository with a shopping cart and customers may want to grab images and download them for use on their own websites but this repository needs to be authenticated to. It can use ldap.
2. The Ecommerce site I mentioned needs authentication possibly ldap there.
3. Possibly other resources our customers may need access to.
So, I've mentioned LDAP in the above comments which leads me to AD. How do companies manage logins by people that are not an employee of their company? Is it possible to create a seperate domain and use trusts to allow access to multiple resources?
We can't be the only one's that have this problem.
Thanks..
Comments
-
joelsfood Member Posts: 1,027 ■■■■■■□□□□DMZ/client facing servers should have their own domain that is either untrusted, or at most a one way, non-transitive trust.