Thursday, December 10, 2009

Secure Store Service - Introduction

Secure Store Service is a shared service in SharePoint 2010 that provides functionality to store credentials [1] securely and associate the credential to a specific identity or group of identities. The main objective of the service is to help SharePoint components and/or custom web-part perform Single Sign-On (SSO)[2].

Consider a scenario where a web-part needs to authenticate with external system (such as database). Off course the web-part can ask the user credential when it loads to authenticate. Although it works fine, the user experience will not be that good. The user experience can be enhanced if the web-part stores the credential. To store the credential, web-part would need a secure storage and would have to provide functionality to manage the credential.

What happens if the user does not have access to the credentials? Instead the credentials are managed by the system administrators? How would the web-part deal with expired credentials?

A simple requirement of web-part authenticating with external system can become an extensive feature. This is where Secure Store can be utilized. SharePoint components such as Business Connectivity Services (BCS), Excel Service, Performance Point Service, Search and other services also use Secure Store to solve authentication issues with external system.

Secure Store Service replaces Microsoft Office SharePoint Server 2007 (MOSS 2007) Single Sign-On feature. The name has rightfully changed from Single Sign-On to Secure Store, as this service does not provide the Single Sign-On functionality. Secure Store is available in SharePoint 2010 and SharePoint 2010 Search however is not available in SharePoint Foundation.

[1] Credential: An information (such as username, password) that is verified when presented to a system before the system allows access to its resources.
[2] Single Sign-On: A user can log in once into a system and can gain access to all systems (that he/she has access to) without being prompted to log in to all the systems.


Anonymous said...

Hello, Thanks for nice post. Could you please help me to know how to apply single sign on or SSS for outlook webpart in SharePoint 2010

ADmin said...

Once you've ready the summation go out and arrange supportive click here proof and acknowledgments for embodying pivotal focuses and to give trust to your work.