This question is coming from our netops team… I believe the answer is no, but looking for a confirmation and more information:
In a pure windows environment, is there a way to have a client (like IIS, a windows service, etc) authenticate with EventStore automatically though NTLM (SSPI), using the identity that the client application i running under?
If so, how?
If not, what is the recommended practice for securing credential secrets when authenticating to EventStore from .NET API clients through development, QA, staging, and production? Do we need to roll our own password encryption using certificates, or do something else? Plain text credentials should not be an option.