8
Working with BCS Security
WHAT’S IN THIS CHAPTER?
- Understand server authentication options
- Understand the Secure Store Service
- Understand client authentication options
- Understand claims authentication
Security with regard to authentication and authorization is an integral part of connecting to any system. When you connect to an External System through Business Connectivity Services, security can take on new levels of complexity as user context changes through various security schemes, impersonation, and delegation. Furthermore, the data in External Systems is likely to be valuable or sensitive. BCS developers have a serious responsibility to ensure that appropriate authentication and authorization controls are in place for their solutions. Therefore, a thorough understanding of security scenarios is critical to creating successful BCS solutions.
This chapter presents the different security models and how they affect BCS solutions from Integrated Windows Authentication to claims-based authentication. For each case, some background information is provided, followed by configuration options for BCS. These options will allow you to create BCS solutions that work correctly in your environment.
UNDERSTANDING BDC PERMISSIONS
All the BCS models created in SharePoint Designer or Visual Studio are ultimately stored in the BDC Metadata catalog. Access to the BDC Metadata catalog is managed through the Business Data Connectivity service application. Before examining the various security ...
