Scribd
Upload
34 views

Summit SSO Documentation: Workflow

The SSO implementation uses a .NET library that must be included in each epaper domain bin folder. It allows single sign-on and sign-out across domains that share a subscription database. The workflow involves redirecting from the login screen to SSOConnect to check for an SSO cookie, and if not present, performing authentication. If authentication succeeds, an SSO cookie is set and the user is redirected to SSOConnect of the next domain. Database and web config changes are required, including adding a PublicationUrl column and tbl_ssoToken table, setting SSO parameters, and ensuring the loginUrl is set correctly on each domain.

Uploaded by

Sudhir singh
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
34 views

Summit SSO Documentation: Workflow

The SSO implementation uses a .NET library that must be included in each epaper domain bin folder. It allows single sign-on and sign-out across domains that share a subscription database. The workflow involves redirecting from the login screen to SSOConnect to check for an SSO cookie, and if not present, performing authentication. If authentication succeeds, an SSO cookie is set and the user is redirected to SSOConnect of the next domain. Database and web config changes are required, including adding a PublicationUrl column and tbl_ssoToken table, setting SSO parameters, and ensuring the loginUrl is set correctly on each domain.

Uploaded by

Sudhir singh
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Summit SSO documentation

SSO in our existing epaper is implemented as a .NET library(SSOLogin.dll) and it must be in the bin folder
of the epaper .
This Library implements the idea of single sign on and single logout from the set of epaper domain for
which the subscription database of those epaper must be same.
Below is the workflow and changes for the above :

Workflow
Redirection
to Check SSO Cookie
Login Screen Successful
Authenticationn SSOConnect
authentication : If not set SSO
(user enter
username and cookie
Set sso cookie
password)

Check nxt
Redirect to Yes publication
SSOConnectof domain exists
next domain

No

Redirect to the
HomePage from
where authentication
started

• If the password at the time of token generation does not match current password in
that ssoAuthentication will not successful as in security scenario a user can change
password and the sso token will be invalid now .

• After the above process if user login anytime and if cookie exists then user will be
authenticated using the cookie else redirected to Login Screen and above process will
follow.
• Logout Process : The logout process will be same as above using SSOConnect
redirection and remove the cookie one by one and redirecting to the first logout
triggering domain.
Database requirement above standard epaper :

• Column PublicationUrl column in tbl_publication .


Condition : All urls must be accessable from each other domain and must be unique.

• Table tbl_ssoToken.

Web Config changes :


• <add key="ssoLoginMode" value="1" />
Use : Must be greater than 0 to enable SSOLogin mode 1,2,3 and so on have different meaning as we
implement.

• <add key="ssoCookieDays" value="5" />


Use : Number of days after which the ssoCookie will expire.

• <add key="SsoLog" value="D:\sp\sites\DTCC\LOG" />


Use : Log Path for sso Library.

• <forms loginUrl="~/login/landingpage" timeout="45" slidingExpiration="true"


cookieless="UseCookies" protection="All" requireSSL="false" enableCrossAppRedirects="false"
defaultUrl="~/login" path="/" />

Note : The loginUrl="~/login/landingpage" must be set to this on each domain as we are


authenticating the user from here this is the LoginWindow for us. If not set the user session will not
be generated

You might also like