I want to know if there is any SAS documentation/ experiences out there in using your own 3rd party web server (IIS 7) in a SAS 9.4 middle tier/ SAS VA 7.4 deployment and what deployment steps and configuration steps this would entail. The restriction of using a 3rd party web server is arising from Enterprise SSO integration requirements and the container managed security mechanism that has to be used
Some more questions about this configuration,
--What happens to the SAS 9.4 web server in this case ? Do we have to un-install it and remove it from the middle tier, if we are using a 3rd party web server ?
--Does the 3rd party web server have to be configured as a reverse proxy ? Found some documentation which says this has to be done if you are taking out the web server from the SAS deployment.
--What is the downside of this kind of deployment ?
Besides a full-reverse proxy configuration, you have some alternatives, such as use re-write and redirect rules on IIS, then you can keep all your SAS deployment and SAS Web Server as internal, and let the IIS use those features for you. Most likely, SAS won't support issues with this configuration, but it is widely used, so up to you.
Anyway, IIS redirect/rewrite, or IIS reverse proxy, do not forget to configure the SSL of loading, if required.
For SSO, you will need to ensure that the TGT Kerberos tickets received on the IIS will be passed to the SAS Web Server, so this part is up to you.
If the IIS is on a DMZ, you probably will have trouble on ensuring the delegated user on the domain controller, since DMZ domain controlers are normally not part of a root domain controller.