|
|
|
In Use Case 2, smcompany.com buys parts from a partner named partsco.com.
An engineer authenticates at the employee portal, smcompany.com and clicks a link to access information at partsco.com. Being an engineer at smcompany.com, the user is taken directly to the Specifications and Parts List portion of partsco.com website without having to log in.
When a buyer for smcompany.com authenticates at smcompany.com and clicks a link to access information at partsco.com, the buyer is taken directly to the ordering area of partsco.com website without having to log in.
Additional attributes, such as user name are passed from smcompany.com to partsco.com to personalize the interface for the individual user.
Partsco.com does not want to maintain user identities for all employees at smcompany.com, but access to sensitive portions of the Partsco.com website must be controlled. To control the access, partsco.com maintains a limited number of profile identities for users at smcompany.com. One profile identity is maintained for engineers and one profile identity is maintained for buyers.
When an employee of smcompany.com accesses partsco.com, user attributes are sent in a secure manner from smcompany.com to partsco.com, which uses them to determine what profile identity is used to control access.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |