The following tips help you interpret the
Options tab for a logical workspace server
in SAS Management Console.
-
Changes that you make on this tab
take effect after you refresh the object spawner.
-
Because the displayed settings
are in the metadata, they can affect only metadata-aware connections.
-
The
Use Server Access
Security check box should be selected. This enables standard
access control enforcement for the ReadMetadata permission on the
server definitions.
Note: An exception is if the workspace
server is configured for client-side pooling. In that case, the check
box is disabled and cleared. Server access security is not supported
with client-side pooling.
-
The
Host with
Username/Password setting specifies
that credential-based host authentication is always used. The other
security packages cause IWA to be used for clients that select IWA
(unless cached or stored credentials are available).
-
The
Host with
Username/Password setting doesn't
eliminate prompting for credentials. With this setting, all desktop
applications prompt users to interactively supply credentials in any
circumstance where credentials are needed and are not otherwise available.
-
If you select
SAS token
authentication, you must also select a server launch
credential (on the
Options tab of the server
definition). Configuring a workspace server to use SAS token authentication
can be useful in a multi-host environment.
See Mixed Providers.
-
The
Host with
Username/Password setting can cause
SAS Enterprise Guide and the SAS Add-In for Microsoft Office to silently
store user passwords in metadata. The storage occurs only if the workspace
server is in its own authentication domain (for example, ServerAuth)
and users interactively provide credentials when they access that
server. If both of these circumstances apply to your deployment, consider
selecting
Prompt instead of
Host with
Username/Password.
-
The
Prompt setting is similar to
Host with
Username/Password, but it forces SAS Enterprise Guide
and the SAS Add-In for Microsoft Office to prompt users.