1 — Overview

[Previous] [Next] [Contents] [Index]

This chapter introduces the Entegrity^® NetCrusader/Web Authorization Object. The NetCrusader/Web Authorization Object allows Web developers to easily make authorization (access control) decisions inside applications using scripting languages such as VBScript, JavaScript, or JScript developed using Active Server Pages (ASP). With the NetCrusader/Web Authorization Object, you have access control over sub-page level objects such as HTML elements and images.

This chapter includes the following sections:

1.1 Overview of the NetCrusader/Web Authorization Object
1.2 Prerequisites

1.1 Overview of the NetCrusader/Web Authorization Object

The NetCrusader/Web Authorization Object enables you to use web scripting languages such as VBScript, JavaScript, and JScript to write web applications that:

Authenticate a user (forms-based login).
Allow web users to sign on only once (web single sign-on).
Log a user off (session management).
Define and use a custom object model (object models are described in Chapter 4).
Define and create custom user attributes (for example, define a new user attribute called CellPhoneNumber).
Retrieve user attributes.
Define and use a custom permission model (also called an ACL model, described in Chapter 4).
Make access control decisions (that is, perform authorization).
Manage users and groups (user-base management). You can create users, delete users, add users to a group, delete users from a group, retrieve a group list for a group to which the user belongs, retrieve the user list for a group, change users' passwords, set user attributes, retrieve user attributes, or provide the user with the ability to change a password.

1.1.1 How the Authorization Object is Implemented

The NetCrusader/Web Authorization Object is implemented as a COM (Component Object Model) object.

The NetCAuth COM object contains a set of functions to allow ASP applications (using VBScript, JavaScript, or JScript, for example) and generic program languages such as Visual Basic and C++ to access the features of NetCrusader/Web.

1.1.2 Why Use the NetCrusader/Web Authorization Object?

The NetCrusader/Web Authorization Object is a powerful, easy to use, and self-contained interface that greatly simplifies access to the features of NetCrusader/Web. You can use JavaScript, JScript, or VBScript to develop sophisticated, security-aware applications.

The NetCrusader/Web Authorization Object is self-contained; that is, it stores all runtime variables such as handles and credentials internally so that once it's initialized, its callers do not need to maintain any of that information, but instead maintain just one single handle to an instance of the object.

Finally, the dynamic model-loading feature gives you great flexibility in defining and using access models.

1.2 Prerequisites

The NetCrusader/Web Authorization Object requires the following:

Windows NT 4.0 Server (SP3 or greater), Windows 2000 Server, or Windows 2000 Advanced Server
NetCrusader/Web Version 4.0
Microsoft IIS 4.0 (or version 5.0 on Windows 2000 Advanced Server) with Active Server Pages (ASP) installed and Secure Sockets Layer (SSL) activated.

NOTE: SSL encryption requires a server certificate to be installed on the server.

To use the single sign-on and session management features of the Authorization Object, the client browser must support cookies.

[Previous] [Next] [Contents] [Index]

To make comments or ask for help, contact support@entegrity.com.

Copyright © 2000-2002 Entegrity Solutions Corporation & its subsidiaries