Applies To:

Show Versions Show Versions

Manual Chapter: Single Sign-On Methods
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

What are the supported SSO methods?

Access Policy Manager® supports the following SSO authentication methods.

SSO method Description
HTTP Basic Auth The SSO plugin uses the cached user identity and sends the request with the authorization header. This header contains the token Basic and the base64-encoded for the user name, colon, and the password.
HTTP Form-Based Auth Upon detection of the start URL match, the SSO plugin uses the cached user identity to construct and send the HTTP form-based post request on behalf of the user.
HTTP NTLM Auth v1 NTLM employs a challenge-response mechanism for authentication, where the users can prove their identities without sending a password to the server.
HTTP NTLM Auth v2 NTLM employs a challenge-response mechanism for authentication, where the users can prove their identities without sending a password to the server. This version of NTLM is an updated version from NTLM v1.
Oracle Access Manager (OAM) The Enterprise Access Manager plug-in integrates with the OAM server as access gate(s) for web access, while the Access Policy Manager acts as an OAM Policy Enforcement Point (PEP).
Kerberos This provides transparent authentication of users to Windows Web application servers (IIS) joined to Active Directory domain when using an access policy with a passwordless authentication method. It can also be used when IIS servers require Kerberos authentication.

Configuring SSO using HTTP Basic authentication method

With the HTTP Basic method of authentication, the SSO plug-in uses the cached user identity and sends the request with the authorization header. This header contains the Basic token and the base64-encoding of the user name, colon, and the password.
  1. On the Main tab, expand Access Policy, and click SSO Configurations. The SSO Config List screen opens.
  2. ClickCreate. The New SSO Configuration General Properties screen opens.
  3. From the SSO Method list, select HTTP Basic.
  4. In the Credentials Source area, specify the user name and password you want cached for Single Sign-On.
  5. Click Finished.
After the access profile is configured, you must configure the access policy for this profile to support Single Sign-On.

Configuring SSO using form-based authentication method

With the HTTP form-based method of authentication, upon detection of the start URL match, the SSO plug-in uses the cached user identity to construct and send the HTTP form-based POST request on behalf of the user.
  1. On the Main tab, expand Access Policy, and click SSO Configurations. The SSO Config List screen opens.
  2. ClickCreate. The New SSO Configuration General Properties screen opens.
  3. From the SSO Method list, select Form Based.
  4. From the Use SSO Template list, select the template you want to use. The screen refreshes to show additional settings applicable to the specific template.
  5. In the SSO Method Configuration area, specify all relevant parameters. Refer to the online help for specific information on each parameter.
  6. Click Finished.

Configuring SSO using NTLM v1 authentication method

With this method of authentication, NTLM employs a challenge-response mechanism for authentication, where the users can prove their identities without sending a password to a server.
  1. On the Main tab, expand Access Policy, and click SSO Configurations. The SSO Config List screen opens.
  2. ClickCreate. The New SSO Configuration General Properties screen opens.
  3. From the SSO method list, select NTLM v1.
  4. In the SSO Method Configuration area, specify all relevant parameters. Refer to the online help for specific information on each parameter.
  5. Click Finished.

Configuring SSO using NTLM v2 authentication method

With this method of authentication, NTLM employs a challenge-response mechanism for authentication, where the users can prove their identities without sending a password to a server. This version of NTLM has been updated from version 1.
  1. On the Main tab, expand Access Policy, and click SSO Configurations. The SSO Config List screen opens.
  2. ClickCreate. The New SSO Configuration General Properties screen opens.
  3. From the SSO method, select NTLMV2.
  4. In the SSO Method Configuration area, specify all relevant parameters. Refer to the online help for specific information on each parameter.
  5. Click Finished.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)