Wednesday, May 3, 2006

Storing Usernames, Passwords in SSODB Database using MMC 3.0


Whenever we work on BizTalk projects we feel why there is no provision for App.Config file so that one can store Key/Value pairs in it. So to have a work around for it we save key/value pair in Btsntsvc.exe.config file.
It is one of the easiest work around.
1. But can you store sensitive data like your domain password in a  place which is visible and accessible to all.
2. Do you feel changing btsntsvc.exe.config file is right from developer point of view.
I do feel your answer is No…not at all. Well in such scenario SSODB comes in picture. The key/value pair is stored in encrypted format so nobody can access sensitive data. No btsntsvc.config file is involved in it. Single Sign-On database (SSODB) is a standard Database which gets installed while one installs BizTalk Server.
My Dummy Solution contains 3 projects.
1. SSODB Helper class to query SSODB.
2. MMC3.0 Snap-in for Administrators to add key/value pairs.
3. Windows Form to test the SSODB helper class.
We can user SSODB Helper class in our Orchestration to get any key/value pair. I won’t get into technical details of how to develop it. MMC 3.0 developments with C# is not officially supported by Microsoft. "Sample Snap In" development code can be downloaded from Microsoft site.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/managedMMC/html/a335f609-a929-449a-86f6-29ac7c227709.asp
I had a thread running regarding Developing "MMC 3.0 Snap IN" at
http://groups.google.com/group/microsoft.public.management.mmc/browse_thread/thread/88b4e3da49af3ceb/71f5ee87514f63ac?lnk=gst&q=mmc3.0&rnum=12&hl=en#71f5ee87514f63ac
 The Snap-In looks like the one below. One can create Application…which in turn contains Key/value pairs. SSODB stores in terms of Application Name-ConfigName-Key/value pairs. So one Application can contain more then one ConfigName which contains many key/value pairs. For simplicity I had only one ConfigName which contains many key/value pairs. So in my current solution I have no Provision for multiple ConfigNames.
SSO
One needs to first Add an Application. A new application with name “NewChild”. One needs to rename it to the Application Name one wants. Application Names are user friendly names…So you can name it as per your convenience. Then one can add key/value pair. It’s worthwhile to work with SSODB and its pretty challenging. Queries and Bugs are always welcomed.
Sample is available at.
http://www.codeplex.com/NishSSODB/Release/ProjectReleases.aspx?ReleaseId=4438
How to use the Sample
Open the solution
press F5
A new window pops up.
Press Button1.
A new application by the name "NISHILAPP7" is created in SSODB.
The Windows Form is just for you to understand what is SSODB.
I have just coded to create one Application in SSODB in that Form.
You can customize it as per your needs.
You can install the SnapIN. Through that SnapIn one can add Application,key value pair.
How to install SnapIn.....refer Sample SnapIN ..MSDN link above.
You can use SSODB helper class to get the value for specific keyname.