single sign-on (SSO)

Using the single sign-on (SSO) feature, a user authenticated by an external application can become authenticated to PRPC without providing another user ID and password. This feature can improve user productivity and allow better control over passwords. This feature uses a specially formatted URL and information in an Application ID data instance (Data-Admin-AppID class).

See How to implement Single Sign-on using SPNEGO and JAAS. (SPNEGO is an acronym for Simple and Protected GSS-API Negotiation Mechanism, used in Microsoft Windows.)

Your authentication activities for HTTP communication can use the pxRequestor.pxHTTPServletRequest property (of mode Java Object). This is a facade object that provides most of the information received about the incoming HTTP request. A few operations are not allowed:

• Accessing the file system using getRealPath()
• Read/write access to session or request attributes
• Access to the HttpServlet
• Examination of current session Roles
• Creation of a RequestDispatcher

Despite these limitations, an activity can access the object to obtain cookie and header information.

The pxHTTPServletRequest property is created only when a custom authentication activity runs. To reduce memory demand, this property is not present during other requests.

Related terms

Open topic with navigation