Single Sign On (SSO) is a method of passing credentials into OrgPlus Enterprise (OPE) from a chosen security adapter inside the Admin panel of OPE. An example is the Generic Adapter SSO which passes security information into OPE through a URL. Credentials are cached in OPE until the user’s session has ended. The session will end when one of the following events occur:

- Select ‘Sign Out.’
- Close the Browser completely (if on OPE 3.3 or above).
- The session ends after the “Idle Timeout” period has passed. This setting is located in the Application Pool under the ‘Performance’ tab in Internet Information Services.

SSO Authentication vs. SSO Authorization
Single Sign On Authentication determines whether a user has permission to access OPE (is the user valid). Single Sign On Authorization determines what data within OPE that a user has access to (who is this user).

Multiple security adapters can be used simultaneously for OPE to give employees the appropriate access. For instance, LDAP SSO Authentication with Excel SSO Authorization can be used if an LDAP parameter for ‘RoleID’ is inaccessible. Thus, LDAP SSO will give access into OPE and Excel will determine which role a user will be assigned.

For additional OPE security options, click here to visit the ‘Security’ section of our Admin help guide.

This entry was posted on Sunday, February 15th, 2009 at 10:06 pm and is filed under General Discussion, Product News, Tips & Tricks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.