2.2.2 Session-Based Single Sign-On
You can implement single sign-on by placing a Principal object in the user's HTTP session. This allows Style Intelligence to automatically sign in the user without attempting to authenticate their credentials.
The Style Intelligence SRPrincipal object is used to hold the security information, and you must add this object to the user's session as an attribute. The amount of information that you provide within the SRPrincipal object determines the extent of SSO, as well as the role and responsibility of the security provider.
You can implement SRPrincipal-based SSO for both .NET (non-Java) and J2EE applications:
• For J2EE applications, use the lightweight InetSoft Proxy Servlet within your own application. The proxy duplicates the SRPrincipal object onto the Style Intelligence web application. The recommended injection point for the SRPrincipal object is a request filter mapped to the Proxy Servlet. See Request Filter mapped to the Style Intelligence Proxy Servlet.
• For .NET (non-Java) applications, you need to pass the user information to the Style Intelligence web application via a suitable method such as cookies, request parameters, etc. The recommended injection point for the SRPrincipal object is a request filter mapped to the Style Intelligence Report Servlet. See Request Filter mapped to the Style Intelligence Report Servlet.
| << 2.2.1 Form-Based Single Sign-On | © 1996-2013 InetSoft Technology Corporation (v11.4) | Request Filter mapped to the Style Intelligence Proxy Servlet >> |