1
Vote

SQL Authentication and wrong password in documentation

description

Why do you use SQL authentication for the CISFPortal (and windows for all other services), isn't that an extra security risk?
 
Also in the documentation there is a mismatch between the "portal" user(page 8) with a password of "123@abc" but at the end (page 54) the password is "abc@123"

comments

VineetBatta wrote Sep 21, 2009 at 4:46 AM

1)
The userId and password should be one specified by the person deploying this instance of the application. "portal/abc@123" are just place holders to help user understand the step.

2)
To encrpypt sql connection string please refer section 4.9.3 in the same document. You should never have userid/password as plain text.
msdn documnetation link : http://msdn.microsoft.com/en-us/library/ms998292.aspx

This was required for Widget functionality for now.

To use Windows Authentication for Widgets is very much on our list of things to do and likely to be there by RC build.

wrote Feb 13, 2013 at 5:25 PM