Académique Documents
Professionnel Documents
Culture Documents
Authn./Authz.
DaaS
1
4
ISV
Application
User
Roles
7
2
User
Roles
IdP
User
Store
SITA
SSO
Map users right
1 - Portal Access
2 - User Identification Assertion
3 - Redirect to Airport Identity Provider
4 - Authentication
5 - Create session and store user info in SSO Service
6 - Open portal welcome Page (with SSO session context)
7 - Open portal application (with SSO session context)
8 - Application verifies user identity and group rights
SITA
ATI Cloud
DaaS
ISV
Application
1
4
User
Store
IdP
User
Store
User
Store
SITA
SSO
Map users to
10
9
Internal
Virtual
1 - Portal Access
internal users
User
2 - User Identification Assertion
Store
3 - Redirect to Airport Identity Provider
4 - Authentication
5 - Create session and store user info in SSO Service
6 - Open portal welcome Page (with SSO session context)
7 - Open portal application entry page (with SSO session context)
8 - Application entry page verifies user identity and group rights
9 - Application entry page loads corresponding internal user and creates a new session
10 - Redirect to application page using the created session (with internal user session context)
SITA
ATI Cloud
DaaS
ISV
Application
1
3
4
2
IdP
User
Store
User
Store
SITA
SSO
User
Store
Portal
User Store
Map users to
internal users
5
Internal
Virtual
User
Store
1 - Portal Access
2 - Authentication
3 - Open portal application entry page (with Portal session context)
4 - Application entry page verifies user identity and group rights
5 - Application entry page loads corresponding internal user and creates a new session
6 - Redirect to application page using the created session (with Internal user session context)
SITA
ATI Cloud
Disadvantages
User management and authentication is handled in SITA Cloud
Applications user and security context does not match portal
login user and security context
Might create overhead in user administration