I'm about to start development work on .NET 4.0 winforms application running on top of a Microsoft SQL Server 2012 database.
The number of users supposed to use the application might be any where between 2 to 10 and the application should be able to run either on a single stand alone computer or in an intranet in a windows environment.
in case the application is run on a single computer, each user would log into the application (not into windows) and perform what ever tasks they are authorized to do and then log out of the application.
If the application is configured to run on a small intranet, each user would log into the application from there respective office computers and do what ever they are authorized to do.
So, the application can run on a single none networked machine, where a single windows login account is being shared by staff at the facility but i have a requirement to allow access to certain application functionality depending on who is logged into the application, NOT who is logged into windows as the account might just be shared.
I have previously deployed ASP.NET applications in networked environments and used the SQL Membership, Roles and Profiles provider for authentication and authorization While for winforms apps, i have relied on active directory authentication.
Now with this particular project, i am wondering what the best solution might be. Probably some one here has implemented a solution for such a scenario and can give advice.
I have looked at this http://www.codeproject.com/Articles/27670/Implementing-Application-Security-with-Client-Appl solution but i still want to hear from the SO masses.
ALSO, any recommendation for a better post Title is welcome.
