One of the new Metacoda Security Plug-ins features arriving in version 6.1 is the Auth Domain Reviewer. Like the other reviewers, this plug-in is used for investigating, documenting and testing how a SAS metadata security feature has been used within a particular SAS platform deployment. When I’m reviewing metadata security for a SAS platform I like to look at it from several different perspectives and authentication domains is one of them. I like to see:
- What authentication domains have been added beyond the initial DefaultAuth?
- How have they been used with respect to inbound logins?
- How have they been used with respect to outbound logins and providing shared credentials for database access?
- How have they been used with respect to 3rd party database system connections?
- Are there any unused ones, possibly added by accident, that can be cleaned up?
- Are there any seemingly duplicate ones that might be consolidated?
In the past it has been time-consuming to gather this information together, so this new plug-in Continue reading “Metacoda Auth Domain Reviewer”