Wednesday, April 3, 2013

Secure Store Service


The Secure Store Service is an authorization service that runs on an application server. The Secure Store Service provides a database that is used to store credentials. These credentials usually consist of a user identity and password, but can also contain other fields that you define. For example, SharePoint Server 2010 can use the secure store database to store and retrieve credentials for access to external data sources. The Secure Store Service provides support for storing multiple sets of credentials for multiple back-end systems.

How to do

1.     Create database “BCSForSharepoint2010” and create table “Customers” follows as:
2.     Open Sharepoint Designer 2010, connect to your site. In left panel, click to External Content Types, then click to External Content Types on Ribbon >> Click to External Content Types Icon
3.     Click to “Click here to discover external data sources and define operations…”
4.     Click to Add Connection
5.     On dialog, choose SQL Server at “Data Source Type” dropdown list
6.     Input your Database server, database name
7.     Here is all table of database. Click to Customer table | Create All Operations
8.     Click Next
9.     Choose CustomerID column and check to “Show In Picker”
10.  Choose CustomerName column check to “Show In Picker” of each column.
11.  Choose CustomerPhone column check to “Show In Picker” of each column then click Next
12.  Click to Finish
13.  On ribbon, click to “Create Lists & Form”
14.  Click to yes when dialog appear
15.  Configure follow as:
16.  Go to central admin >> Application management >> Manage services application on Service Applications section >> Business Data Connectivity Service >> Click to Set Object Permissions
17.  Input your account which have full permission
18.  Go to your site collection, you will see Customer List and all item form SQl Server
19.  Go to central admin >> Application management >> Manage services application on Service Applications section >> Secure Store Service
20.  Before proceeding further we have to generate a key by clicking on Generate New Key from ribbon and it will popup page section, you need to provide a Pass Phrase, based on that Secure Store Service will create encrypted. Also remember there is no way to retrieve Pass Phrase. From ribbon, click on the New button
21.  Create new Target Application and enter Target Application ID, Display Name, Contact Email, Target Application Type and Target Application Page URL
22.  Input The first Field name SQLUser with Field Type: User Name. The second Field name SQLPassword with Field Type: Password then click Next
23.  Input your account with Full Control
24.  Go back Sharepoint designer. Click to the New External content type which was created
25.  Click to BCSForSharepoint2010 external system
26.  From Authentication Mode, Change to Impersonate Custom Identity. Input “CustomerSSO” Target Application ID
27.  Go back to your Site collection, click to Customers list you will see the “Click here to authenticate “ link then click to it
28.  Click to Continue to this Site
29.  Go to SQl server, create new user “test” and mapping “BCSForSharepoint2010” database
30.  Back to site collection, on current UI input SQLUser and SQL Password
31.  Access successful!!!
32.  Sign in as Different User
33.  Access denied with another user
34.  Go back permission of BCS, only hungdo have permission
35.  Add new other user with full permission on BCS
36.  Go back to site collection with new user, and have permission to access


Post a Comment