Sun OpenSSO Enterprise 8.0 Deployment Planning Guide

OpenSSO Enterprise Solution

Issuing a restricted SSO token limits the set of Session Service operations that can be performed with that token. This functionality enables OpenSSO Enterprise to prevent applications from modifying the profile attributes of the user. The following figure illustrates a typical OpenSSO Enterprise deployment within an enterprise. The figure shows both the security issues related to cookie hijacking and the solution.

Figure 16–4 Process Flow for Cookie Hijacking Prevention
