Authentication and Single Sign

More documents

Recommendations

Info

Security Assertion Markup Language (SAML) SAML is a protocol for encoding security related information (assertions) into XML and exchanging this information in a request/response fashion SAML does not authenticate users – comparable to SAP Logon Ticket SAML relies for message exchange on standard security protocols like SSL, TLS and uses XML signatures SAML authorities produce “assertions” in response to client requests. An assertion can be either an authentication or an authorization assertion • Authentication assertion: piece of data that represents an act of authentication performed on a subject (user) by the authority • Authorization assertion: piece of data that represents authorization permissions for a subject (user) on a resource SAML can be used for authentication and authorization requests and assertions SAML is an emerging OASIS standard © SAP AG 2005, Authentication and Single Sign On / Patrick Hildenbrand / 26
SAML – SSO Process Authentication Authority (Source Web Site) 5. Assertion Intranet ERP 4. Pull assertion Initial logon 1. Call transfer URL 2. Redirect URL + artifact Internet ESS 3. Access 6. Resource Authenticate once Access Groupware ... © SAP AG 2005, Authentication and Single Sign On / Patrick Hildenbrand / 27
Page 1 and 2: Authentication and Single Sign-On P
Page 3 and 4: Authentication Identifies a Subject
Page 5 and 6: Why Use Single Sign-On? Typical sit
Page 7 and 8: What the Administrator Wants … Ce
Page 9 and 10: Web-Based Authentication Methods
Page 11 and 12: Authentication and SSL with X.509 C
Page 13 and 14: Obtaining a X.509 Certificate Digit
Page 15 and 16: SAP Logon Tickets - SSO Process Por
Page 17 and 18: What is a SAP Logon Ticket • SAP
Page 19 and 20: SSO to Non-SAP Components Using SAP
Page 21 and 22: Multi Domain SSO Recommendation:
Page 23 and 24: Adding the User Name Header • The
Page 25: Header Based Authentication Best Pr
Page 29 and 30: Pluggable Authentication Service (P
Page 31 and 32: Pluggable Authentication Service: A
Page 33 and 34: JAAS Authentication J2EE Browser Wi
Page 35 and 36: Single Sign-On for SAP GUI for Wind
Page 37 and 38: SSO From Web to Traditional - ITS
Page 39 and 40: Prerequisites 1) Users have the sam
Page 41 and 42: System Preparation 1. Export Portal
Page 43 and 44: Agenda Authentication and Identitie
Page 45 and 46: Single Sign-On Possibilities Authen
Page 47 and 48: Further Information Public Web: ww

Authentication and Single Sign

Create successful ePaper yourself

Delete template?

Save as template?