Synopsis: I have seen quite a bit of confusion out there regarding how to use Secure Store Service for SharePoint 2010. While MSDNdoes have interesting articles, there has been no Alpha to Omega process that shows the relationship to the LOB System, Security Groups representive of the BCS Consumers, BCS Access Account representive of the Credential Owner [Impersonated User], and how to wire it up in SharePoint Designer 2010. This blog hopefully will dispel all fears about Secure Store and answer a MSDN Forum question while at it.
UPDATE: – On 10/14/2012 I have added another blog post Series that will extend this post for SharePoint 2013 employing WCF, .Net Assembly and OData with SharePoint Apps see it HERE
The Blog is broken up into sections
- Prep Work
- Active Directory Users in Play
- The Service Account I am selecting as the Impersonated User (Credential Owner)
- The Security Group where all the people that will consume BCS Data will reside
- SQL Server Security
- Who has Access to What
- Active Directory Users in Play
- Setup
- Creating & Configuring the Secure Store Object
- Creating & Configuring the External Content Type in SharePoint Designer 2010
- Creating External Connection with Secure Store
- Creating the External Content Type
- Reviewing the External Content Type (ECT)
- Reviewing the Security on the ECT
- Test & Validation
- Creating an External List derived from the ECT
- Logging on as a User from the Security Group AND Secured in the permission setting of the ECT
- Logging on as a User from the Security Group NOT Secured in the permission setting of the ECT
http://www.sharepointf*.com/2013/10/14/part-2-of-3-blog-update-on-sharepoint-bcs-with-full-crud/
http://www.sharepointf*.com/2013/10/14/part-3-of-3-blog-update-on-sharepoint-bcs-with-full-crud/