When a user who is not logged in attempts to access the Business Control Center, the user is redirected to the SSO login page, and is prompted to authenticate using Commerce SSO. If the authentication succeeds on the SSO server, the user is then redirected to the ATG Content Administration server, which retrieves the corresponding user profile from the internal profile repository and associates the current session with the profile. If authentication fails, the user remains at the Commerce SSO login page.

The /atg/dynamo/servlet/dafpipeline/AccessControlServlet and /atg/web/assetmanager/userprofiling/NonTransientAccessController components are reconfigured by the plug-in to delegate control of the Business Control Center login process to Commerce SSO. The NonTransientAccessController component is responsible for redirecting the user to the SSO server login URL, which it constructs by invoking methods on the /atg/userprofiling/commercesso/CommerceSSOTools component.

Note: To enable redirection of requests from the ATG Content Administration server to the Commerce SSO server, add the hostname of the SSO server to the allowedHostNames property of the /atg/dynamo/servlet/pipeline/RedirectURLValidator component on the ATG Content Administration server. For example:

allowedHostNames+=ssohost.example.com

Copyright © 1997, 2017 Oracle and/or its affiliates. All rights reserved. Legal Notices