Sun OpenSSO Enterprise 8.0 Deployment Planning Guide

Simple Single Sign-On

In a simple single sign-on example, the SiteMinder instance is already deployed and configured to protect some of the enterprise applications in a company intranet. In the architecture figure below, the legacy application is contained in the Protected Resource . The company wants to continue leveraging the legacy SiteMinder deployment as the authentication authority. The company also wants to add OpenSSO Enterprise to the environment to leverage its advanced features such as identity federation, XACML policies, web services, and so on. An OpenSSO Enterprise policy agent protects the Protected Resource, while OpenSSO Enterprise itself is protected by a SiteMinder policy agent. The following figure illustrates the deployment architecture for single sign-on using both SiteMinder and OpenSSO Enterprise.

Figure 13–1 Deployment Architecture for Simple Single Sign-On with SiteMinder

OpenSSO Enterprise and its Policy Agent, SiteMinder
and its Policy Agent

The following figure illustrates the process flow in this deployment.

Figure 13–2 Process Flow for Simple Single Sign-On with SiteMinder

Text-based, needs no further explanation.