OK, We have completed the implementation of Single Sign-On for EPM 188.8.131.52 using Siteminder. We are not using DSSO directly for EPM, but the way we have it working is as follows.
1. The users would start IE (corporate preferred browser) and it takes them directly to the company internal website that uses DSSO to generate the token or cookie (I am not an expert on this side of the technology!)
2. Once they are authenticated they can go to the EPM workspace link. It uses the token/cookie to log them in to workspace.
3. IF the user going directly to the Workspace login BEFORE being authenticated on the internal website, they will be prompted by the company login webpage to enter their network ID.
4. After they enter their ID/pswd on the company login page, they are now logged in to EPM workspace.
This same interaction happens for Shared Services login.
Question around Smartview
The documentation on Single Sign-On and Smartview within the Security doc on p.115 ( http://docs.oracle.com/cd/E17236_01/epm.1112/epm_security_11121.pdf) from what I can tell we meet all the requirements to use Single Sign-On with Smartview. However, when I use the link for Smartview (http://<HOST_NAME>:8080/workspace/SmartViewProviders) it will pop up our corporate login window EVERYTIME. After I put in my network info the window goes away and I am now logged in to Smartview. Even if I have a browser session open and am authenticated in IE to the network whenever I connect via Smartview it brings up the company login web page.
Am I missing a configuration that will allow Smartview to use the Single Sign-On option? From what I know of DSSO it uses Kerberos which if we set EPM up to use DSSO that Smartview does not use Kerberos.
Is there something that I need to change in the configuration or a better approach that we can use to get around this?
Any assistance in trying to figure this out would be greatly appreciated!