We have a MS SQL BI stack which the standards group wants us to move to "WebSSO" which is based on Computer Associates SiteMinder/netegrity product.
I figure integrating the web component won't be too hard, but we have users which connect to the Database directly - currently using Windows Authentication.
Is is possible to itegrate Computer Associates SiteMinder with SQL Server? With SSAS? If so, how much effort is involved?
It would not be straightforward to try and integrate SiteMinder to provide security for the database directly. Assuming that MS SQL supports a mechanism to plug in another security provider, you would then need to write an agent for SiteMinder that would authenticate and authorize users. If there are not many hooks to provide the agent could be fairly straightforward, but it would take some work.
I think that what Jim recommends is the way to go. Use AD as the user source for both SiteMinder and MS SQL. Then, the same password should work and using Integrated Windows Authentication you would not need to type in an ID and password as well. If you are authenticating against a different source, you could still use directory mapping to map and authorize the user into the web component.
Todd
I have written custom code in the past to externalize security away from relational databases. The approach I used was to hook via XACML and found that this resulted in horrific performance. If you are familiar with entitlements management platforms, it is possible for them to publish the grant/revoke semantics to the database as a subscriber but this is done at initialization not at runtime.