There are many ways to implement SSO in your organization and have critical business applications with various authentication mechanisms integrate around a single nucleus. Authentication, authorization, entitlement and federation are carried out by SSO software that is designed for transparency across disparate identity repositories, varied platforms, web applications and servers, while retaining a strong security component that keeps the organization securely in the loop.
The security component that enables single sign-on typically uses a directory (Microsoft Active Directory, LDAP repositories, Oracle UCM or, in some scenarios, a database) where credentials are centralized and stored in a single place, from which they can be fetched for authentication to the various applications. When external applications are identified as being within the circle of trust using various authentication mechanisms, they are trusted to access information from CRM On Demand and vice versa.
Authentication mechanisms typically use digital certificates, cookies (which have the UserID and password packed in), and a Federation ID (in the case of integration with CRM On Demand). The most common method is to use cookies for authentication and to use Web Services and WSDL files to connect to the external cloud (external entity) and retrieve data of any format.
Integration requires no coding, manual intervention or development time. Using Ping Federation Services, all configurations are interactive and can be done on an Admin Console. For B2B connections, the Salesforce Cloud Identity Connector, CRM On Demand Cloud Identity Connector, OpenAM Cloud Identity Connector and OpenID Cloud Identity Connector can be used.
In my next post, I will discuss how to cloud connect between LDAP and CRM-OD using Ping Federate.
Blog author: Aarthi Sitaraman
Aarthi is a contributing blog author on the Web Technical Services Practice Team at Biztech.