Your SAS programs, embedded in web apps and elsewhere

regarding authentication

Reply
N/A
Posts: 1

regarding authentication

Hi all,
currently we use default authentication to authenticate users who log into our SAS webapplications.
we would like to integrate SAS with active directory which gives flexibility to change passwords when they first log into web applications.

Can you please shower few ideas on this how this can be achieved.
N/A
Posts: 1

Re: regarding authentication

I'm trying to do the same . I'm on SAS 9.1.3 version,

You can find documentation on those manuals:

Web Application Administration Guide,

bisecag.pdf (Security Administration Guide),

and on the sas  portal: "SAS 9.1.3 Integration Technologies => Server Administrator's Guide"

Frequent Contributor
Posts: 106

Re: regarding authentication

Posted in reply to CamilloCarloFelice

As far as I know that info isn't in the admin guides, but SAS provide very good step by step documentation on configuring the web apps for JAAS. I don't know what version nick22 is on, but this guide is for 9.2 / JBoss:

http://support.sas.com/resources/thirdpartysupport/v92/appservers/ConfiguringJBossWebAuth.pdf

The docs all have similar titles, so googling 'configuring [appserver version] for web authentication with [sas version]' should bring up what you need.

External web auth gets a lot better in 9.2 onwards, as it's actual JAAS integration rather than just passing a url parameter over

Trusted Advisor
Posts: 3,211

Re: regarding authentication

There is a lot on this topic in the security admin guide (yes the bisecag) and some others.

A major technical issue whether you are running SAS services NIX (linux/Unix) or Windows.
IWA (Integrated Windows Authentication) is common with Windows environments but not with mixed ones.

Do you want user to be authenticated from Unix to Windows than there are Samba parts to get involved for an naming translation.

Do you want to build a webfrontend authorization only than also that is possible but the result is using generic group accounts with hardcode passwords for the sas-services. All depends on all requirements for a secure environment.

May be it is also possible to propagate from a central point the password to other systems (LDAP - identity management) 

---->-- ja karman --<-----
Ask a Question
Discussion stats
  • 3 replies
  • 376 views
  • 2 likes
  • 4 in conversation