HelloI'm a new guy to Node and webdev and I need some helpI need to provide windows active directory SSO for the webapp, so if a user is not in a specific AD group, they would see an 'access denied' page. I found I can do with node-sspi like this - get a connected users' list of AD groups and check if there is an allowed access group on a list or not. If not I display an error. I'm not sure if it an efficient way to do this kind of authentication or not. Would be happy to see some other ways to achieve SSOBut also I have to use a functional ID to connect to MS SQL Server to do set of REST functions, right now i'm using next modules - mssql with tedious driver. And it require to specify login and password in a config object like this :const config = { user: '...', password: '...', server: 'localhost', database: '...', } and here I have a problem with how to secure my functional ID's login and password - I tried to use Environmental Variable, store config in another config files and add this file in git ignore. But our architects don't like this way, they want to have a SSO for this functional too, they don't want to have functional id's password hard-coded at all.There is my main question - How would you make connection to MSSQL DB with functional ID without specifying password?Thanks for any advise
Submitted February 08, 2018 at 08:28PM by BobsView
No comments:
Post a Comment