Oracle & MySQL Support

InfraStack-Labs Oracle & MySQL DBA Services help you manage, maintain, and optimize your critical Oracle systems. We deliver 24/7, year-round support with flexible monthly contracts that don’t lock you in.

Please contact me :- ajith.narayanan@infrastack-labs.in

Wednesday, April 9, 2008

Accessing E-Business Suite Instances with Single Sign-On

Accessing E-Business Suite Instances with Single Sign-On

Oracle Application Server 10g Enterprise Edition, Oracle Internet Directory , Oracle Single Sign-on Server , and the Oracle Single Sign-on Software Development Kit are required to enable Single Sign-On functionality for the E-Business Suite.

Implementing Single Sign-On (SSO) functionality for the E-Business Suite allows organizations to share one user definition throughout multiple parts of their enterprise. Typically, the common user definition is stored in a Lightweight Directory Access Protocol (LDAP) repository such as Oracle Internet Directory (OID). Oracle Internet Directory serves as a central repository for user credentials and other user information for all Oracle products, including Oracle Application Server 10g Enterprise Edition and Oracle Portal. This user information is periodically synchronized with the E-Business Suite instance through a combination of Oracle Workflow and Oracle Applications patches.

Oracle Single Sign-on Software Development Kit (SSOSDK) release 9.0.2 is required to support Oracle Single Sign-On 10g integration with the E-Business Suite. It allows the E-Business Suite to register as a partner application to the Oracle Single Sign-On Server, giving users the ability to access other registered partner applications with a single credential (for example, a username/password combination). It is expected that Oracle will upgrade this partner application integration method to use mod_osso in future versions of this integration.

As a partner application, the E-Business Suite also supports Single Sign-Off. Release 11i users can simultaneously terminate a Single Sign-On session and log out of all active partner applications by logging out of whatever application they are working in. Selecting Logout in a partner application returns users to the Single Sign-Off page, where logout occurs.


SSO Components

Applications

Partner

External

Centralized SSO Server

Verfies SSO password

Sets SSO cookie at client

External app username/password store

Username/Password managed in LDAP directory

Oracle Internet Directory (OID)

Other LDAPv3 directory requires OiD gateway

Users provisioned through OID Delegated Administrative Services (DAS)

No comments:

Post a Comment

Thanks for you valuable comments !