Sun OpenSSO Enterprise 8.0 Deployment Planning Guide

Understanding Typical Business Use Cases

The following use cases illustrate why companies might choose to use the Fedlet in their environment.

Saving Time and Reducing Overhead

In this use case, the Service Provider needs to single sign-on with an Identity Provider that has OpenSSO Enterprise installed in the Identity Provider environment. But the Service Provider does not want to install the full-featured OpenSSO Enterprise just to enable federation. The Service Provider cites one or more of the following reasons for not installing OpenSSO Enterprise:

The Service Provider is small company that provides one application as only part of their service.
The Service Provider wants identity federation at minimum cost.
Installing OpenSSO Enterprise would require investments in hardware, services, and human resources that the Service Provider does not want to make.
Installing OpenSSO Enterprise would require the Service Provider system administrators to be proficient in implementing identity federation protocols in order to configure and maintain the OpenSSO Enterprise federation deployment.
The Service Provider wants to quickly enable federation in their environment in a very short timeframe.
The Service Provider wants only to implement single sign-on with the Identity Provider and retrieve some user attributes for customizing the service to the user. The Service Provider does not want to install a full-featured federation solution and just to use two features.

Customizing Content Based on User Attributes

In this use case, a telecommunications company acts as an Identity Provider. The telecommunications company subscribers use the custom telecommunications company user portal to receive personalized content. The content is received by the telecommunications company from its business partners such as StockService.com, Weather.com, and so forth. OnCast, a new partner of the telecommunications company, uses Fedlets for its portal user single sign-on. Through the Fedlets, OnCast retrieves specific user attributes over SAML from the telecommunications company. OnCast then uses the user attribute data to customize its content deliver.

Figure 5–6 Fedlet Service Provider Customizes Content Based on User Attributes

Communication from User to Identity Provider
to Service Provider with Fedlet.

See the demonstration of this business use case at http://blogs.sun.com/sid/resource/fedlet.html .