SharePoint24x7 It's all about SharePoint.

12Feb/140

Article – Introducing Secure Store Service

Posted by Joy

Secure Store Service (SSS) was introduced in SharePoint 2010. Secure Store Service was introduced as a replacement to Single Sign-On in MOSS 2007. Primary purpose of Secure Store Service is to maintain credentials for target applications on external systems. Single Sign-On is achieved via Secure Store Service.

Scenario – We have to create an Excel workbook with some data/ charts with the data available in our HR system. Excel needs valid credentials in order to access data from that external system. We also need to share the Excel workbook with others via Excel Services in SharePoint. In that case, Excel Services needs a way of accessing data from the HR system via Excel. Secure Store Services allows us to may single or set of credentials to access HR system via Excel Services and Excel.

Secure Store Service also guarantee the security of credentials by encrypting stored credentials using a passphrase.

Usage of Secure Store Services:

  • Custom/ 3rd party applications which connect to external systems
  • Excel Services
  • Business Connectivity Services
  • PerformancePoint Services

Secure Store Service consists of Target Applications. Target Applications maps the credentials of the user to a specific set of credentials. There are multiple types of Target Applications which we can create depending on the scenario:

  • Individual Target Applications – mapping individual accounts (account to account)
    • Individual
    • Individual with Ticketing
    • Restricted Individual
  • Group Target Applications – mapping multiple users to an account (group to account)
    • Group
    • Group with Ticketing
    • Restricted Group

Following steps guide you through of initial configuration of Secure Store Service:

  • Navigate to SharePoint Central Administration web site
  • From the Application Management section, select Manage service applications optionApplication Management
  • Click the link Secure Store Service to go to Secure Store Services service application settings pageService Applications
  • When Secure Store Service is not configured, following message is displayed when navigate to Secure Store Service service application page
    Capture3
  • Secure Store Service requires a key/ pass phrase to encrypt credentials. Generate a new key by clicking a Generate New Key option from the ribbon
    Generate a key
  • Clicking Generate New Key prompts you to specify a new Pass Phrase. Enter a Pass Phrase and click OKPass phrase
  • Once the key is generated, it allows you to create new Target Applications and Refresh the key if you want to change the key laterSecure Store Service settings

Now you are all set to create new Target Applications and use other BI features of SharePoint.