SQLTeam.com | Weblogs | Forums

SQL Authentication & Window Authentication


#1

We bought a vendor web application.

In order to log into this vendor's web application, we would have to vpn into our network and use our window's account to login into this app.

I am assuming we VPN in and then use our AD account to Window Authenticate. Once this is done on our side, it uses a single sign-on to access the web application and pass window's account to the vendor web application. Can someone confirms this because I cannot imagine a company would give a vendor direct access to its AD server?

In addition, the vendor also supplied us with one SQL Authentication account to access their report server. I can track which user running which report at the report level because the data sources use Window Authentication.

With that being said, our network security admin shared today using a single SQL Authentication account is unsafe and he wants us to access the vendor's report server through our AD accounts (Window Authentication). How would this be possible? I mean when we log into Facebook, Yelp, Twitter, etc... we are not using Window Authentication. We are most likely using a generated SQL Authentication account (with tables driven), right?


#2

where is this web app being hosted on. when you say you bought it it seems like you are hosting in house, or cloud resource your company oens


#3

good question. It is hosted on the vendor's servers.


#4

So you bought a hosted service would be the right term?

SSO
Single Sign On (SSO) occurs when a user logs in to one application and is then signed in to other applications automatically, regardless of the platform, technology, or domain the user is using.

You need to work closely with your network admin to sort this out. What does your working relationship look like with your network admin?