Jiwa

[nathan.mcdonald]

Hi All,

This is the second request from a different client today to have Jiwa setup so the username and password uses Windows Password Authentication etc.

Your thoughts appreicated.

Nath

[Mike.Sheen]

uses Windows Password Authentication

We'd need to modify the software... and somehow tie a domain user to a jiwa login - it'd be ugly when you want to take a customer's database and play with it off-line - you simply could not do it.

We certainly *could* make the change, but it'd be a real pain for the channel in how customers are supported, let alone the extensive changes to the software.

[jiwameister]

uses Windows Password Authentication

We'd need to modify the software... and somehow tie a domain user to a jiwa login - it'd be ugly when you want to take a customer's database and play with it off-line - you simply could not do it.

We certainly *could* make the change, but it'd be a real pain for the channel in how customers are supported, let alone the extensive changes to the software.

Hi Mike,

Actually - I don't know if this would necessarily be the case, as you could actually use the windows authentication at application level, not as SQL level which i think you are suggesting here. for example - you could easily authenticate the application against Active Directory authentication providers to log in to the application. I think there could be a mix of Windows Auth and traditional login's.

It would certainly make username passwords easier to remember, perhaps even allow for silent logins (pass windows auth straight through) if that would not cause any security issues..

[Mike.Sheen]

Hi Mike,

Actually - I don't know if this would necessarily be the case, as you could
actually use the windows authentication at application level, not as SQL level which i think you are suggesting here. for example - you could easily authenticate the application against Active Directory authentication providers to log in to the application. I think there could be a mix of Windows Auth and traditional login's.

It would certainly make username passwords easier to remember, perhaps even allow for silent logins (pass windows auth straight through) if that would not cause any security issues..

I'm open to education here... I've done some research into this, but at the end of the day I still need to create a connection string, don't I ?

So, I connect with a domain login instead - but how does SQL know user XYZ from domain ABC has read+write access to the required Jiwa tables ?