
Case 1: Full Integration with SITA SSO

[Diagram: Authn./Authz. flow. Labels: DaaS; ISV Application; User Roles; IdP; User Store; SITA SSO; Map users right; SITA ATI Cloud. Arrows are numbered to match the steps below.]

1 - Portal Access
2 - User Identification Assertion
3 - Redirect to Airport Identity Provider
4 - Authentication
5 - Create session and store user info in SSO Service
6 - Open portal welcome page (with SSO session context)
7 - Open portal application (with SSO session context)
8 - Application verifies user identity and group rights

Advantages
Users maintained at the client IdP
No authentication is handled within SITA Cloud
All portal applications receive the same user and security context
Disadvantages
All portal applications must be adapted to support SSO authentication

Case 2: Front end integration with SITA SSO with internal virtual users

[Diagram: Authn./Authz. flow. Labels: DaaS; ISV Application; User Store; IdP; SITA SSO; Map users to internal users; Internal Virtual User Store; SITA ATI Cloud. Arrows are numbered to match the steps below.]

1 - Portal Access
2 - User Identification Assertion
3 - Redirect to Airport Identity Provider
4 - Authentication
5 - Create session and store user info in SSO Service
6 - Open portal welcome page (with SSO session context)
7 - Open portal application entry page (with SSO session context)
8 - Application entry page verifies user identity and group rights
9 - Application entry page loads corresponding internal user and creates a new session
10 - Redirect to application page using the created session (with internal user session context)

Advantages
Users maintained at the client IdP
Applications with no SSO support can be integrated
Disadvantages
Application user and security context do not match the portal login user and security context
Might create overhead in user administration
Most complex case
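
Steps 8 to 10 of Case 2 as an added Python sketch, not code from the original slides or from SITA. It verifies the SSO context, maps it to an internal virtual user with no default fallback, and keeps the portal identity in the new session so the context mismatch listed above stays auditable. Assumptions: the SSO session context arrives as an HMAC-signed JSON token, and the key, group names and virtual user names are constructed for illustration.

```python
import hashlib, hmac, json, secrets, time

SSO_KEY = b"constructed-demo-key"   # assumption: key shared with the SSO service
# Hypothetical mapping, ordered from least to most privileged internal virtual user.
GROUP_TO_VIRTUAL = [("airport-viewers", "virt_viewer"), ("airport-ops", "virt_operator")]
SESSIONS = {}                        # stand-in for the application's session store

def sign_context(ctx: dict, key: bytes = SSO_KEY) -> str:
    """What the SSO side emits in this sketch: JSON body plus hex HMAC-SHA256 tag."""
    body = json.dumps(ctx, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + tag

def verify_context(token: str, now: float, key: bytes = SSO_KEY) -> dict:
    """Step 8: verify user identity and group rights; reject on any doubt."""
    body, _, tag = token.rpartition(".")
    expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        raise PermissionError("bad signature on SSO context")
    ctx = json.loads(body)
    if ctx["exp"] <= now:
        raise PermissionError("SSO context expired")
    return ctx

def map_to_virtual_user(groups: list) -> str:
    """Step 9: choose the internal virtual user; an unmapped user gets no access."""
    matches = [virtual for group, virtual in GROUP_TO_VIRTUAL if group in groups]
    if not matches:
        raise PermissionError("no internal user mapped for these groups")
    return matches[-1]  # most privileged mapping the user's groups entitle them to

def entry_page(token: str, now: float = None) -> str:
    """Steps 8-10: return the new application session id used for the redirect."""
    ctx = verify_context(token, time.time() if now is None else now)
    virtual = map_to_virtual_user(ctx["groups"])
    sid = secrets.token_urlsafe(32)
    # Store the portal identity beside the virtual one so application logs stay
    # attributable, and cap the new session at the SSO context's expiry.
    SESSIONS[sid] = {"internal_user": virtual, "portal_user": ctx["user"],
                     "exp": ctx["exp"]}
    return sid
```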

Case 3: Front end SSO handled within portal with internal virtual users

[Diagram: Authn./Authz. flow. Labels: DaaS; ISV Application; IdP; User Store; SITA SSO; Copy users from; LDAP; User Store; Portal User Store; Map users to internal users; Internal Virtual User Store; SITA ATI Cloud. Arrows are numbered to match the steps below.]

1 - Portal Access
2 - Authentication
3 - Open portal application entry page (with Portal session context)
4 - Application entry page verifies user identity and group rights
5 - Application entry page loads corresponding internal user and creates a new session
6 - Redirect to application page using the created session (with internal user session context)

Advantages
Simple implementation
No dependency on SITA SSO service
No dependency on Airport IdP

Disadvantages
User management and authentication are handled in SITA Cloud
Application user and security context do not match the portal login user and security context
Might create overhead in user administration
