Siebel CRM Desktop for IBM Notes Administration Guide > Customizing Authentication > About CRM Desktop SSO Architecture >

Flow That the CRM Desktop SSO DLL Uses

Figure 18 illustrates the flow that the CRM Desktop SSO DLL uses.

Figure 18. Flow That the CRM Desktop SSO DLL Uses

Explanation of Callouts

The CRM Desktop SSO DLL does the following:

1. CRM Desktop SSO loads the DLL.
2. The Instance Handler loads and initializes the DLL.
3. The Session Manager starts and maintains SSO sessions.
4. If you enable autoupdate, then the Update Checker automatically updates the script for each new session instance. For more information, see Installing CRM Desktop SSO If You Use Autoupdate.
5. The Session Data Controller stores the names and values of parameters that the SSO sessions share. It allows data exchange between SSO sessions and provides a single location to store data that these sessions can share. For more information, see About Authentication Sessions and Data Exchange Sessions.
6. The SSO sessions are a collection of SSO sessions that are currently active. For more information, see Architecture That an SSO Session Uses.

About Authentication Sessions and Data Exchange Sessions

CRM Desktop SSO can create the following types of sessions:

• Authentication session. Starts if the user must change the login name and password or if CRM Desktop SSO requests the user to reenter the password to confirm these credentials. Note the following:
  • The SSO script does not use any cached information from a previous SSO session during an authentication session.
  • In some situations the SSO script cannot prevent Internet Explorer from allowing the user to access CRM Desktop without entering credentials. This situation typically occurs if CRM Desktop SSO uses a persistent cookie to identify the Web SSO user session. To allow the user to modify credentials when CRM Desktop SSO uses a persistent cookie, the user must use Internet Explorer to log out from CRM Desktop. This log out removes the persistent cookie. An authentication session prompts the user for a user name and password the next time the user attempts to connect to the Siebel Server from CRM Desktop.
• Data exchange session. Starts during a normal operation, such as synchronization, opening the Control Panel, and so on. CRM Desktop SSO can create multiple data exchange sessions. To avoid displaying unnecessary login prompts, the SSO Connector caches any session cookies that exist in the shared session cache or that reside in the cookie cache that Internet Explorer uses.