Utveckling av webbapplikation : med fokus kring rättigheter och autentisering i en isolerad miljö

Sammanfattning: This work has been carried out in collaboration with the company IPBNorr, where a web application will be developed with the aim of centralizing two separate tools for increased user-friendliness and easy accessibility. In the work, a general survey is performed on authentication and authorization principles to determine a method that can best perform the job based on prevailing parameters and the context of an isolated environment where the web application is to be implemented in a company’s domain. Based on the fact that these tools require different access levels, a reliable authorization method is needed where rights can be determined in a flexible way so that unauthorized users do not have access to critical tools. The goal of the work is to both centralize these two tools in a web application and determine a reliable authentication and authorization method to secure and control which users have access to what in the web application. An analysis shows that delegated authentication with Integrated Windows authentication is advantageous to use in this case. The end result of the work meant that an implementation of delegated authentication was performed. But more tests need to be done to ensure that authentication and authorization work in a real context.