Implementing Security on custom BCS/.net class?
Posted
by Michael Stum
on Stack Overflow
See other posts from Stack Overflow
or by Michael Stum
Published on 2010-04-07T23:11:45Z
Indexed on
2010/04/18
3:33 UTC
Read the original article
Hit count: 512
I'm implementing a custom BCS Model to get data from a backend system. As the backend uses it's own user management, I'm accessing it through a service account.
All of this works well and allows me to pull data into SharePoint. However because it's channeled through the service account, everyone can access it, which is bad.
Can anyone give me some tips which method to implement? The backend does not give me NT ACLs, but I wonder if I could just "fake" them somehow? (Essentially saying "This NT Group has Read Access" is good enough).
I am aware of ISecurityTrimmer2 for Search Results, but ideally I want to cover security inside the BCS Model so that it applies to external lists as well. I want to avoid using Secure storage and mapping each individual user to the backend.
© Stack Overflow or respective owner