Επεξεργασία

Κοινή χρήση μέσω

Single Sign-On and BizTalk Adapter for JD Edwards EnterpriseOne

  • Άρθρο

When you use Single Sign-On (SSO) with Microsoft Adapter for JD Edwards EnterpriseOne, the adapter obtains the credentials from the SSO Credentials database. Therefore, you do not need to enter the logon credentials for the server system in the Transport Properties dialog box.

At design-time, BizTalk Adapter for JD Edwards EnterpriseOne obtains the credentials for the system (for the specified affiliate application) under the context of the user who started the BizTalk Server project. That user should be an Application User. At run time, use the BizTalk Server HTTP Receive Adapter as a receive location in the pass-through scenarios when using SSO.

Processing Requests

When Internet Information Services (IIS) receives an HTTP request from a Web client, IIS authenticates the user. The ISAPI extension impersonates the Windows user and calls the SSO credential store to obtain an encrypted ticket. This ticket is stored as the SSOTicket property in the context of the message.

The message is then directed to the Message Box database. When BizTalk Adapter for JD Edwards EnterpriseOne receives the message from the Message Box database, it calls ValidateAndRedeemTicket with the encrypted ticket along with the affiliate application name to retrieve the logon credentials from the SSO store. The adapter then uses the external credentials to connect to the system and process the request.

Note

SSO configuration is part of the BizTalk Server setup. If you get SSO errors, verify that you used a domain account when you configured BizTalk Server, as this affects the function of the Enterprise SSO service. SSO only functions under a domain account.

See Also

Creating Affiliate Applications
Security in BizTalk Adapter for JD Edwards EnterpriseOne