There may be too many letters in my solution, but I have a couple questions about building a new enterprise application.
Right now I am researching the security approach we will take for a brand spanking new system. Here's what I want to do - does this make any sense or should I slow down on my acronym adoption rate? (I just went through a project using Data, Logging, Exception
blocks in 2.0 and using the membership and role provider - so I'm through some of the learning curve)
- use AD to tie in to existing user logins - all internal domain users
- Create a list of operation, map them to tasks and roles
- Use the Enterprise Library Security Block utilizing AZMan
- Map entity validation to Validation Application Block
- big question here, how is this different than WCF Data Contracts?
- Use Web Service Software Factory (WSSF) to create the WCF interface utilizing all kinds of fun WS-* items to pass security context to the trusted subsystem model provided by AZMan
- use WCF data contracts to help pass entity definitions around
- huge headache on prior project remapping exact datatype from one schema to another
Does this sound reasonable?
Thanks for any feedback!