OracleAS Single Sign-On can be implemented only in a secure server environment. This means that you must have a security policy in place in your Reports Server configuration file before you can consider implementing OracleAS Single Sign-On with Oracle Reports Services. For more information, refer to Chapter 15, "Securing Oracle Reports Services".
With OracleAS Single Sign-On, your administrator establishes a user identity for each user. The administrator does this in Oracle Internet Directory, through its user interface, the Oracle Delegated Administration Services. You can access Oracle Delegated Administration Services standalone or through Oracle Portal. In either case, the information is saved to Oracle Internet Directory.
The user identity is comprised of the user name and password. Once users are established, data source connection strings may be associated with them. At login, users must enter their user names and passwords (their user identities), which will in turn give them access to all of the data sources associated with those identities. OracleAS Single Sign-On issues a session cookie that effectively acts as a key that opens all authorized doorways for that session.
For detailed information about the requirements and procedures required for setting up SSO-related components, such as Oracle Internet Directory, see Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory and the Oracle Fusion Middleware Administrator's Guide for Oracle HTTP Server.