|
|
|
In Use Case 2, smcompany.com buys parts from a partner named partsco.com.
An engineer authenticates at the employee portal, smcompany.com and clicks a link to access information at partsco.com. Being an engineer at smcompany.com, the user is taken directly to the Specifications and Parts List portion of partsco.com website without having to log in.
When a buyer for smcompany.com authenticates and clicks a link for partsco.com, the buyer is taken directly to the ordering area of the partsco.com website. The buyer does not have to log in.
Additional attributes, such as the user name are passed from smcompany.com to partsco.com to personalize the interface for the individual user.
Partsco.com does not want to maintain user identities for all employees at smcompany.com, bu the company wants to control access to sensitive portions of the website. To control the access, partsco.com maintains a limited number of profile identities for users at smcompany.com. One profile identity is maintained for engineers and one profile identity is maintained for buyers.
When an employee of smcompany.com accesses partsco.com, smcompany.com sends user attributes in a secure manner to partsco.com. Partsco.com uses the attributes to determine what profile identity controls access.
| Copyright © 2012 CA. All rights reserved. |
|