BizTalk Server leverages the Enterprise Single Sign-On (SSO) capabilities for securely storing critical information such as secure configuration properties (for example, the proxy user ID, and proxy password) for the BizTalk adapters.
But you can also can keep your own application configuration data in SSO database, let say the usual configurations that we normally keep in a configuration file (“app.config”)). If you’ve been in the BizTalk world long enough, you’ve probably faced this challenge or need and until 2009 there wasn’t an easy way to archive that and Richard Seroter’s BizTalk SSO Configuration Data Storage Tool was the go tool to store and manage Single Sign-On (SSO) applications – this is still a valid tool and if you rebuild the code in the last version of BizTalk Server it still works perfectly.
In this session Sandro announce the birth of a new SSO Application Configuration tool that will provide the ability to easily add and manage configuration applications, add and manage key-value pairs in the SSO database, as well as securely import and export configuration applications so that they can be deployed to different environments.
8. BizTalk Server
Config File
Why?
From a maintenance perspective it is a challenger
just from the fact of keeping files in sync in the
servers;
Security risk: By default, the data will not be
encrypted;
The deployment process can become quite
painful when we need to install on different (E2E,
Testing, Prod) and large environments.
And most important… Environment Security: If you
make any mistakes in that file BizTalk will stop
work!
9. custom
Config File
Why?
From a maintenance perspective it is a challenger
just from the fact of keeping files in sync in the
servers;
Security risk: By default, the data will not be
encrypted;
The deployment process can become quite
painful when we need to install on different (E2E,
Testing, Prod) and large environments.
And most important… you need to additional
specify the PATH for that file!
10. Global System
Environment Variables
Why?
The major problem is that for changes to take
effect you will need to restart the computer witch
will cause huge downtime in your environment.
And there are several problems regarding
maintenance process not to mention Security…
11. Windows
Registry
Why?
From a maintenance perspective storing values in
registry can be hard to maintain in large
environments because we need maintain multiple
registries;
Security risk: By default, the data will not be
encrypted;
The deployment is not ideal but it can be simple
automated.
… not too bad!
12. Custom
Database
Why?
From a maintenance perspective, you will need to
define a maintenance plan and have your DBA
manage this database, you will need to set backup
and restore procedures;
Custom databases are well known as a cause of
bottlenecks in high volume scenarios as they are
often not correctly tuned and optimized.
And most important… you need to additional
specify the PATH for that file!
13. BizTalk Server Business
Rule Engine
Why?
Accessibility: This can also be a disadvantage. The
configuration values can be access by anyone with
access to BRE;
And most important… Security risk: By default, the
data will not be encrypted;
… Second
best option!
14. BizTalk Server
Enterprise Single Sign-On
Why?
Data Security: One of the main advantages is that
you get out-of-the-box encryption;
Accessibility: It is a central store, so all the
configuration values will be the exactly the same
for all BizTalk Servers within your group;
Maintainability: From a maintenance perspective is
extremely simple and you would get the normal
BizTalk fail over/back up processes out-of-the-box
for free!