Manuel du SDKSingle Sign-On (SSO) › SSO Integration Steps

Rubrique précédente: Secured Silent Logon

Rubrique suivante: Authentication Gateway

SSO Integration Steps

A few transactions should be configured and applied to connect the CA Business Service Insight login system to the IMS. These SSO integration steps include:

  1. When the user is logged into CA Business Service Insight (via portal or any environment containing user credentials), CA Business Service Insight obtains and extracts the user ID and organization from the token or ticket.

    For example, when the user is logged into the portal, an appropriate token is attached to the user session. The token contains the user information that can be used by CA Business Service Insight. Configure this step in the InsightGateway.aspx page. The coding in the InsightGateway.aspx page and the implementation method depend on the Identity Management tokens.

    The following sample Gateway.aspx.cs shows an example of the GetInsightUserCredentials function:

         /// <summary>
     /// Obtain CA Business Service Insight user name and organization from portal user directory
     /// This method is supposed to call ActiveDirectory or another repository using portal API
     /// to obtain current user name and organization in terms of CA Business Service Insight
     /// </summary>
     /// <returns>CA Business Service Insight user credentials
struct</returns>
     private UserCredentials GetInsightUserCredentials ()
     {
     UserCredentials ucInsightUser = new
UserCredentials () ;
     //currently always assume user is sadmin and organization is Insight (default)
     ucInsightUser.UserName = "Insightuser";
     ucInsightUser.Organization = "Acme";
     return ucInsightUser;
     }
  2. Once the user information is retrieved from the token, the user is authenticated with the CA Business Service Insight security repository system using InsightAuth.asmx page. This page receives the user ID and the organization from the token extraction in the previous step.
  3. This step is performed in InsightSilentLogin.asp page. After getting CA Business Service Insight approval for the user ID, CA Business Service Insight creates a secure session ID and context objects, which follows the user when browsing. The session ID object contains security and verification information. In addition, the system creates Context object, including locale and other regional setting.