Whenever possible, you will try not to pass full credential data to the target application. Most of the time, you only have to tell the application it has to trust the Id you'll pass, and to ensure through SSO agents that the credentials you are providing to the application are valid (i.e. they are those you got on the SSO server).
Using an iFrame, if your portal is protected by an OpenSSO server, and the application inside the iFrame too, then all you need is an OpenSSO agent on both application servers and a bit of config.
Thanks for the response.
Within the default user's landing page there is service-related information which is listed, but as part of that page there is the iFrame which passes credentials on to the external application. Could OpenSSO be used to allow access for all users to the landing page but protect the iFrame, and have an OpenSSO login page within the iFrame?
I know, maybe I'm asking silly questions here ....
My understanding is that as long as the resources that are being protected by OpenSSO have different URLs, in this case the landing page and the iFrame, then OpenSSO can protect them both with different policies, in this case an anonymous auth scheme for the landing page and an OpenSSO login page within the iFrame protected by a separate policy.
Answers on a postcard please, and thanks in advance.