Books/resources on authentication and authorization in layered applications

Posted by Tommy Jakobsen on Stack Overflow See other posts from Stack Overflow or by Tommy Jakobsen
Published on 2010-05-16T21:26:32Z Indexed on 2010/05/16 21:30 UTC
Read the original article Hit count: 219

I've been trying to find resources and guidelines for implementing authentication and authorization in multiple layered architectures (C#), but haven't found any "best practices" or patterns to use. And I figured, that there must be some patterns for this, as it is a pretty important area?

The application that we're developing, is layered traditionally, having

  • data layer (Entity Framework 4)
  • repositories
  • domain layer
  • service layer (can be WCF, with data transfer objects)
  • multiple clients consuming the WCF service (ASP.NET [MVC], Silverlight, WPF) and clients accessing a service layer directly (no WCF)

Are there books/articles/blogs that dig deeply into this area? Primarily about authorization such as handling multiple roles and attributes attached to users).

It doesn’t have to be specific for the .NET Framework, but it would be preferred.

© Stack Overflow or respective owner

Related posts about c#

Related posts about .NET