About the Workspace Server's Options Tab

Changes that you make on this tab take effect after you refresh the object spawner.

Because the displayed settings are in the metadata, they can affect only metadata-aware connections.

The Use Server Access Security check box should be selected. This enables standard access control enforcement for the ReadMetadata permission on the server definitions.

The Host with Username/Password setting specifies that credential-based host authentication is always used. The other security packages cause IWA to be used for clients that select IWA (unless cached or stored credentials are available).

The Host with Username/Password setting doesn't eliminate prompting for credentials. With this setting, all desktop applications prompt users to interactively supply credentials in any circumstance where credentials are needed and are not otherwise available.

If you select SAS token authentication, you must also select a server launch credential (on the Options tab of the server definition). Configuring a workspace server to use SAS token authentication can be useful in a multi-host environment. See Mixed Providers.

The Host with Username/Password setting can cause SAS Enterprise Guide and the SAS Add-In for Microsoft Office to silently store user passwords in metadata. The storage occurs only if the workspace server is in its own authentication domain (for example, ServerAuth) and users interactively provide credentials when they access that server. If both of these circumstances apply to your deployment, consider selecting Prompt instead of Host with Username/Password.

The Prompt setting is similar to Host with Username/Password, but it forces SAS Enterprise Guide and the SAS Add-In for Microsoft Office to prompt users.