>>
>> Looking at Oracles Single Sign On Server (SSO Server)....
>>
>> Seems to be saying that it can log into *any* external web app (given
>> that it knows the username and password and it is an HTML form) and
>> then remember the user upon return to the portal application as well
>> as logging out of the external web app
>>
>> An explanation of implementing a PHP interface to the Oracle SSO
>> server can be found here....
>>
>> http://otn.oracle.com/oramag/webcolumns/2003/techarticles/bennett_php.html
>>
>>
>> It seems to me it is either the SSO Server that is doing the logging
>> in or the SSO server forces the client to do a transparent login over
>> HTTP... anybody know which one?
It looks like the visitor is redirected to the SSO server, which
does authentication and then redirects the user back, probably
with some identification URL variable. Just use the system with a
recording proxy and see for yourself.
>> If the SSO Server is forcing the client to login... how do they do it
>> transparently? And securely?
Ask Oracle.
You might want to take a look at http://a-select.surfnet.nl/
which offers similar features and is available for free for
non-profit organizations (it was developed for the Dutch national
research and education network). They have a very extensive
explanation of the authentication flow, and SSO undoubtedly uses
something similar: http://a-select.surfnet.nl/functional_flows.html
Jochem
--
When you don't want to be surprised by the revolution
organize one yourself
- Loesje
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
