This example illustrates an identity-based communications solution for a medium-sized enterprise of about 1,000 to 5,000 employees. Typically, an exhaustive business analysis followed by a detailed technical requirements analysis is needed to design the logical architecture. However, because this is a theoretical example, assume that the following business requirements have been determined:
Employees of the enterprise require personalized access to internal web sites, communications services, calendar services, and other resources.
Enterprise-wide authentication and authorization provide access to the internal web sites and other services.
A single identity is tracked across all enterprise services, enabling a single sign-on (SSO) that provides access to the internal web sites and other services.
Use cases for this example would detail login procedures, reading email, sending email, personalizing the portal, synchronizing calendars, and other similar user activities.
The following figure shows a logical architecture for this type of identity-based communications solution.
For a deployment solution of this nature, there typically are numerous detailed use cases outlining the user interaction with the services provided by the solution. This example focuses on the interaction among components when a user logs into a portal from a web browser client. The example splits this login scenario into two use cases:
User logs in, becomes authenticated, and Portal Server retrieves the user’s portal configuration.
Portal Server retrieves email and calendar information to display in the web client.
The two use cases can be considered one extended use case. However, for this example, the use cases are separated for simplicity.
Web browser client sends user ID and password to Portal Server.
Portal Server requests authentication from Access Manager.
Access Manager requests verification of user ID and password from Directory Server.
Directory Server verifies user ID and password.
Access Manager requests user profile from Directory Server.
Directory Server returns user profile.
Portal Server requests user display profile from Access Manager.
Access Manager returns portal configuration.
Portal configuration is displayed in web browser client.
After successful login, authentication, and retrieval of portal configuration, Portal Server requests email messages from Messaging Server MMP.
MMP requests message list from Messaging Server STR.
STR returns message list to MMP.
MMP forwards message headers to Portal Server.
Portal Server requests calendar information from Communications Express.
Communications Express requests calendar information from Calendar Server backend.
Calendar Server backend returns calendar information to Communications Express.
Communications Express forwards calendar information to Portal Server.
Portal Server sends all channel information to web browser client.