The Portal has been configured to use Basic Authentication. This requires users to enter usernames and passwords in the browser before gaining access to the application.
The browser prompts the user for a user name and password when the Portal is opened. Once these credentials are authenticated, IIS accesses SQL Server via a single user rather than using the client’s credentials which require delegation to pass them through to the SQL Server.
All connections to the Portal’s web server are still encrypted using SSL which ensures that Basic Authentication remains as secure as Windows Authentication.
-
No delegation configuration is required.
-
Only one user needs to be configured for SQL Server access.
-
The Syncsort Capacity Management Portal can be deployed to the internet rather than being limited to an intranet.
The disadvantages are:
-
Target level security uses SQL Server roles, however with Basic Authentication all users that access a site share the same account when accessing SQL Server (the access rights that have been assigned to the IIS machine account).
A workaround is to create a new web site for each set of privileges required. If this is required, refer to "Appendix G Creating Multiple Sites for the Syncsort Capacity Management Portal" of the Syncsort Capacity Management User guide.