Manualshelf

User Guide

ManualsBrandsMacromedia ManualsOtherCOLDFUSION 5-ADVANCED ADMINISTRATION
121122123124125126127128129130
Advanced Security Single Sign-On 109
Advanced Security Single Sign-On
Single sign-on is the ability to authenticate once, even when two servers are involved.
For example, if the Microsoft IIS Web server authenticates a user, a ColdFusion page
implementing the IsAuthenticated function would not need to re-authenticate that
user.
In single sign-on, two or more agents trying to authenticate a user will share the
same authentication ticket and avoid challenging the user twice for credentials. For
ColdFusion, one agent is a Web server acting as an agent to Netegrity SiteMinder.
The second is a ColdFusion custom agent talking to the policy server via APIs. When
the Web server authenticates a user, its SiteMinder agent will append to the http
header of the *.cfm file forwarded to ColdFusion, CGI parameters which include the
authentication session ticket. ColdFusion uses that ticket to prove to the SiteMinder
server that it has authentication, therefore preventing a second sign on.
Please refer to the release notes for information about setting up and configuring
single sign-on with ColdFusion.