When Lucity programs connect to a SQL Server or Oracle database, they have to send login credentials. Because these credentials are usually sent out over a network, there is a possibility they could be intercepted.
Lucity provides several different options for managing configuration information.
Managing Database Connection Information
The connection encryption can be managed using:
A centrally managed desktop gateway - Enables an administrator to make changes in a single location and automatically download those changes to each workstation. (This is the default setting.)
Manual configuration - Requires an administrator to visit each machine to make changes to the database connection configuration.
Database Connection Encryption
Once an agency has decided how to manage the connection information, it can choose one of two methods for encrypting the connection credentials:
Integrated security - Uses Windows authentication (through an active directory group) to encrypt and send connection credentials to the database.
Unencrypted credentials - Give users access to a very limited set of stored procedures, rather than the entire database. The database password is saved in an unencrypted file.
Important: The ideal configuration is to use a Centrally Managed Desktop Gateway and Integrated Security.
Defaults
SQL Server - Centrally Managed, Integrated Security
While installing the client or reviewing the settings, look at the database information.
Make sure the Centrally Managed Desktop Gateway setting is set to True.
Make sure the Integrated Security for Desktop Gateway setting is set to True.
In the Active Directory Group for Gateway setting, enter an Active Directory group or click the drop down arrow for a list of groups.
Provide the Web Gateway login credentials in the Gateway Login ID and Gateway Login Password fields. (This is used to generate the Gateway account; it is NOT saved in the Config folder.)
While Installing the client or reviewing the settings, look at the GBAUser database settings.
Make sure the Centrally Managed Desktop Gateway setting is set to True.
Make sure the Integrated Security for Desktop Gateway setting is set to False.
Enter the Web Gateway login credentials in the Gateway Login ID and Gateway Login Password fields. (This information is used to generate the Gateway account, which is then saved (unencrypted) in the Config folder.)
How to set up centrally managed integrated security