Monday, January 7, 2008

BDC authentication RevertToSelf

Recently there is a case where we need to use BDC to generate some views from our sqlserver database. We have a database with a sqlserver serviceID. However, we do not want to setup SSO. One of the developers is supposed to provide a solution to this view since I was on vacation. He used Passthrough as the AuthenticationMode in the BDC application definition. However, that is not a viable solution considering we have no access to the database and we do NOT want to keep adding IDs to the database, adds an extra step to maintenance. (It actually pisses me off to some extend since he didn't even bother to figure out a workable solution for our particular environment.)

Anyhoo, using RevertToSelf would work in our particular case. In the RevertToSelf scenario, the BDC will be using the application pool account to reach out to the database. We only have to give access to this one account in the database. Saved us a lot of time. In addition to putting this ID for access to the database, this ID also needs access to the BDC Entity on the SSP page (SSP > Business Data Catalog Applications > YourLOBSystem > YourView > Manage Permissions). Also noticed that other domain IDs that try to access the BDC list webpart also needs to have their IDs here! ...

1 comment:

Muneeb said...

Very nice! Straight & to the point...