Sun OpenSSO Enterprise 8.0 Deployment Planning Guide

Analyzing the Deployment Architecture

This deployment requires an OpenSSO Enterprise server, an Identity Manager server, and a Sun Policy Agent installed on the Identity Manager web container. The OpenSSO Enterprise server is configured with two data stores: the OpenSSO configuration data store, and the Sun Directory Server user data store. The user data store is configured in the OpenSSO Enterprise subrealm. The Identity Manager server is configured to use a MySQL server for both Identity Manager configuration and Identity Manager user data.

The following figure illustrates the main components of the deployment.

Figure 12–1 Deployment Architecture for Enabling Single Sign-On Between OpenSSO Enterprise and Identity Manager

OpenSSO Enterprise is deployed with two data stores. Identity Manager uses MySQL.

The Sun Policy Agent plays an important role in single sign-on between OpenSSO Enterprise and Identity Manager. In addition to protecting the Identity Manager content pages, the agent helps map the OpenSSO Enterprise user ID to the Identity Manager user ID.

The following two figures illustrate a typical process flow.

Figure 12–2 Process Flow for Single Sign-On Between OpenSSO Enterprise and Identity Manager (Continued on next page)

Figure 12–3 Process Flow for Single Sign-On Between OpenSSO Enterprise and Identity Manager (Continued)

The following UML use case diagram illustrates the provisioning and retrieval of objects in Identity Manager.

Figure 12–4 Provisioning and Retrieving Objects in Identity Manager

Mapping OpenSSO Enterprise user ID to the Identity Manager user ID.