Sun Java System Portal Server 6 2005Q1 Administration Guide |
Appendix A
SSO Adapter Templates and ConfigurationsThis appendix describes how to configure the single sign-on (SSO) adapter in order to adjust options available to end users.
This appendix contains the following sections:
Overview of the Single Sign-On AdapterThe single sign-on adapter service allows end users to use applications, such as a portal server provider or any other web application, to gain authenticated access to various resource servers after signing in once. The resource servers that can be accessed depend on the implementations of the SSO Adapter interface that are available in the system. Currently, Sun Java System Portal Server provides SSO Adapters for the following resource servers: Address Book, Calendar, and Mail. Single Sign-On for the Instant Messaging channel is not achieved through SSO Adapter but through the use of the Sun Java System Identity Server authentication method. For information on this method, see the authMethod property in Table 17-1. The Address Book, Calendar, and Mail services are available through the products:
Resource servers are typically accessed by an application using a standard application programming interface (API), such as JavaMail for accessing a mail server. To create an authenticated connection using the API, the API must be provided the configuration data for the connection. The purpose of the SSO Adapter is to provide this configuration data, and the SSO Adapter service is used to store that data.
The SSO Adapter service defines two levels of data, templates and configurations. An SSO Adapter template defines a class of connections that are going to be made available to users. A single template is used by many users. It defines data values that are the same for all users that use the template including default values and identification of what values can be edited by a user. Therefore, SSO Adapter templates are defined at a global service level.
An SSO Adapter configuration builds upon a template by providing data values that are specific to an organization, role, or user. A configuration references a template, and takes data values from the template for those properties that are not editable by the user. When an end user changes the user-editable properties of an SSO Adapter configuration, that configuration would then apply only to that one user.
A Sun Java System Portal Server communication channel that uses the SSO Adapter service references either a template or a configuration to get data values needed to obtain a connection to a resource server. If the channel references a template, and the user saves configuration information, the reference is changed to refer to a configuration instead. The configuration then references the template.
SSO Adapter Attributes PageYou can use the SSO Attributes page to administer:
- SSO Adapter Templates—You can create an SSO Adapter template, delete an SSO Adapter template, or modify the properties of an SSO Adapter template.
- SSO Adapter Configurations—You can create an SSO Adapter configuration, delete an SSO Adapter configuration, or modify the properties of an SSO Adapter template.
To Create an SSO Adapter Template
To Create an SSO Adapter Configuration
To Edit SSO Adapter Template Properties
To Edit an SSO Adapter Configuration Property
To Create an SSO Adapter Template
- Log in to the Access Manager Administration Console.
- Select the Service Configuration Tab.
- Click New under SSO Adapter Template to add a SSO adapter template.
The New Template page appears.
- Type a template name and select an existing template from the menu.
- Click Next.
The Template Properties page appears.
- Modify the properties as needed.
- When done, click Save.
To Create an SSO Adapter Configuration
- Click New under SSO Adapter Configuration to add an SSO adapter configuration.
The New Configuration page appears.
- Type a configuration name and select an SSO Adapter template from the menu.
- Click Next.
The Configuration Properties page appears.
- Modify the properties as needed.
Note
You can provide a default Host name which is your MAIL_HOST (DNS name or IP Address), or you can leave it blank.
- When done, click Save.
To Edit SSO Adapter Template Properties
An SSO Adapter template can have the following property types
- Default — You can create, select, or delete a property that is provided by the system on behalf of a the user.
- Merge — You can create, select, or delete a property that is provided by the user.
- Encoded — You can select, or delete a property that is encoded
- Click the Edit Properties link beside the SSO Adapter template to be modified.
The Template Properties page appears.
- Modify the properties as needed.
You can modify the property types by clicking the link under Type.
- When done, click Save.
To Edit an SSO Adapter Configuration Property