Oracle AppsLab - Latest Comments in Opensocial with SSO for corporate users

Re: Opensocial with SSO for corporate users

Anthony Lai — Wed, 04 Jun 2008 19:03:58 -0000

The secure token being generated by Connect contains the user credentials for which service providers can authenticate and verify the user identity.

Re: Opensocial with SSO for corporate users

Anthony Lai — Wed, 04 Jun 2008 18:22:21 -0000

Hi Gopi,
Nope. SAML is the right thing to do for authentication between external and internal domains.
For the case above, everything is still under firewall, and we are leveraging single-sign on to allow different internal service providers to communicate to each other without having the user to authenticate to each service.
Thanks.
Sincerely,
Anthony

Re: Opensocial with SSO for corporate users

Dongwei — Wed, 04 Jun 2008 08:22:16 -0000

Hi Anthony, I like this solution too! Easy to implement, high security. But I doubt if it is technically feasible that "Connect acts as a proxy and forward the request along with the user credentials to the backend server, and the user is already authenticated. " What do you mean by "user credentials" here? is it SSO token? My knowledge on Oracle SSO is limited. I do not know whether Connect can fetch this and forward to another application. If it is possible, this solution is very cool!

Re: Opensocial with SSO for corporate users

gpadakandla — Sun, 01 Jun 2008 12:49:38 -0000

Hi Anthony,

Good article.

In some my customer implementations we used Enterprise SSO solution like Oblix for internal apps authentication and then SAML for external (SaaS/externally hosted) apps to authenticate with the internal identity store. Is the integration pattern that you explained in this blog is similar to this pattern?

Regards,
Gopi Padakandla
Blog : http://www.enterprise20link.com/