beautypg.com

Implementing single signon, Portal desktop design, Implementing single sign-on – Sun Microsystems Portal Server 6 User Manual

Page 128

background image

Identity and Directory Structure Design

128

Portal Server 6 2005Q1 • Deployment Planning Guide

See the Portal Server 6 Administration Guide, Directory Server Deployment Guide, and
the Access Manager Deployment Guide for more information on planning your
Access Manager and Directory Server structure.

Implementing Single Sign-On

Single sign-on (SSO) to Portal Server is managed by Access Manager. SSO provides
a user with the ability to use any application that has its access policy managed by
Access Manager, if allowed through the policy. The user need not re-authenticate
to that application.

Various SSO scenarios include:

Portal web application

. The authentication comes from Access Manager, and

the application validates the user credentials with Access Manager

Standalone web application

. The application is hosted on a separate web

container, and the Access Manager Web Agent is used for
authenticationAccess Manager. This does not require application coding.
Additionally, you can modify the application to validate against Access
Manager directly.

Standalone Java application

. In this scenario, you modify the application to

validate user credentials against Access Manager directly.

Non-Access Manager aware application

. In this scenario an application stores

a user’s credentials and provides them as needed. However, this is not an ideal
SSO solution, as the user needs to re-authenticate if credentials change.

Portal Desktop Design

The performance of Portal Server itself largely depends upon how fast individual
channels perform. In addition, the user experience of the portal is based upon the
speed with which the Portal Desktop is displayed. The Portal Desktop can only
load as fast as the slowest displayed channel. For example, consider a Portal
Desktop composed of ten channels. If nine channels are rendered in one
millisecond but the tenth takes three seconds, the Portal Desktop does not appear
until that tenth channel is processed by the portal. By making sure that each
channel can process a request in the shortest possible time, you provide a better
performing Portal Desktop.