
Sharepoint 2013 : Using BCS (part 5) - Defining external systems connections

11/20/2013 2:36:12 AM

3. Defining external systems connections

To create an external system definition, you need to know which protocol to use to connect to the external content, known as the data source type, and the authentication method to use, as well as the operations you want to use on the data. The following data source types can be used (these define the connector that the BDC server run time will use to connect to the external system):

  • Databases, including SQL Server and SQL Azure

  • Cloud-based services

  • Windows Communication Foundation (WCF) endpoints

  • Web services

  • .NET assembly that gathers data from multiple sources

  • All OData sources, including any SQL Server data source that is surfaced via OData

  • Custom external systems that have nonstatic interfaces that change dynamically

The authentication methods that the BDC server run time uses to retrieve, modify, and delete, if appropriate, the data from the external systems are:

  • User’s identity (also known as PassThrough). When a user requests a SharePoint page that displays data from an external system, SharePoint sends the user’s credentials to the external system, which uses that identity to decide whether the user is allowed access or not. If you use Windows authentication and have a single-server SharePoint farm and the external system is installed on that server, then using the user’s identity works well. However, to use Windows authentication in any other configuration, the user’s identity has to make one hop from the user’s computer to the SharePoint server and another hop from the SharePoint server to the external system. This double hop requires the configuration of Kerberos in your environment.

    The other disadvantage of using the user’s identity is that if the external system is a SQL database, it causes a new SQL connection pool to be created for each user who is using the ECT to access the external content, which can cause performance issues. Connection pooling can be disabled, which can also affect performance.

  • Impersonate Windows identity. Specific Windows identities are used to authenticate with the external system. This Windows identity could be the same for all users or there could be some mapping mechanism, so the user requesting the content from SharePoint is matched to a different Windows identity that is passed on to the external system. To use this and the next authentication method, an application that does this mapping is required. If you are using SharePoint Server 2013, you could use the SSS application, or if you are using SharePoint Foundation, you will have to write your own equivalent system.

  • Impersonate custom identity. These could be credentials mapped in a database or could be claims-aware identities, which are sent to the external system.

  • BDC identity (also known as RevertToSelf). SharePoint reverts to the web application’s application pool identity to authenticate with the external system. This user name has a high level of privileges on a SharePoint installation. Any user who can create or edit a BDC Identity model can make themselves an administrator of SharePoint. Therefore, Microsoft does not recommend the use of this authentication mode and it is disabled by default. When a user tries to import or change the authentication mode to RevertToSelf, an error message displays. The error message that displays when using SharePoint Designer is shown in Figure 11.

Figure 11. The BDC Identity (RevertToSelf) Import error dialog box.

When to use RevertToSelf authentication mode

You should use the RevertToSelf authentication mode in a production environment only when all the following conditions are true:

  • You are using SharePoint Foundation 2013.

  • You do not have resources to create a custom SSS.

  • You trust all the people who use SharePoint Designer as completely as if they were SharePoint administrators.

  • The application pool account is locked down so that the attack surface exposed to a malicious user of SharePoint Designer is limited.

RevertToSelf can be turned on by code or by using Windows PowerShell, as shown in the following example, where the variable BCSName is the name of your BCS application:

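# Find the BDC service application whose display name is held in $BCSName
$bcs = Get-SPServiceApplication | Where-Object { $_.DisplayName -eq $BCSName }
# Allow BDC models to use the RevertToSelf (BDC Identity) authentication mode
$bcs.RevertToSelfAllowed = $true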

Although the BDC server run time would use the application pool ID to retrieve data from the external system no matter which user wants to display the external content, remember that permission settings on the BDC service application can be used to restrict access to the external content.
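
Before relying on those permission settings, it helps to know where RevertToSelf is actually allowed and which account it would expose. The following read-only audit is an added example, not code from the original article; the function names Get-RevertToSelfStatus and Get-RevertToSelfIdentity are hypothetical, and treating reuse of the farm account as the sign of a pool account that is not locked down is an assumption of this example.

```powershell
# Added example (not from the original article). Read-only audit; run in the
# SharePoint 2013 Management Shell with farm administrator rights.
if (-not (Get-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue)) {
    Add-PSSnapin Microsoft.SharePoint.PowerShell
}

# Hypothetical helper: report RevertToSelfAllowed for every service application
# that exposes it. Filtering on the property itself avoids depending on a
# display name, which administrators can change.
function Get-RevertToSelfStatus {
    Get-SPServiceApplication |
        Where-Object { $_.PSObject.Properties['RevertToSelfAllowed'] } |
        ForEach-Object {
            New-Object PSObject -Property @{
                ServiceApplication  = $_.DisplayName
                RevertToSelfAllowed = [bool]$_.RevertToSelfAllowed
            }
        }
}

# Hypothetical helper: list the application pool identity each web application
# would present to an external system under RevertToSelf, and flag pools that
# run as the farm account (assumed here to mean "not locked down").
function Get-RevertToSelfIdentity {
    $farmAccount = (Get-SPFarm).DefaultServiceAccount.Name
    Get-SPWebApplication | ForEach-Object {
        $poolAccount = $_.ApplicationPool.Username
        New-Object PSObject -Property @{
            WebApplication = $_.Url
            PoolAccount    = $poolAccount
            IsFarmAccount  = ($poolAccount -eq $farmAccount)
        }
    }
}

$status = @(Get-RevertToSelfStatus)
$status | Format-Table ServiceApplication, RevertToSelfAllowed -AutoSize

# Only show pool identities when at least one BDC service application allows
# RevertToSelf, because that is when those accounts reach external systems.
if ($status | Where-Object { $_.RevertToSelfAllowed }) {
    Write-Warning 'RevertToSelf is allowed; external systems will see these pool accounts:'
    Get-RevertToSelfIdentity |
        Format-Table WebApplication, PoolAccount, IsFarmAccount -AutoSize
}
```

A row with RevertToSelfAllowed set to True together with IsFarmAccount set to True is the combination the conditions above are meant to rule out.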
