SharePoint Single Sign-On


SharePoint Portal Server offers a single sign-on service that makes it easier for users to access their applications within the portal. If you embed an expense-tracking or project management system in your portal that requires a separate login, you can configure SharePoint to store user credentials and map them to their SharePoint account. Users can move from one application to another without signing into each one separately.

Single sign-on maps authentication to the individual web parts. You could, for example, design a portal page with three different web parts requiring three different usernames and passwords. The single sign-on service would map all these to the appropriate credentials without prompting the user to log in again.

To implement single sign-on, you must configure the single sign-on service, create a base system key, and then add application definitions for each of the applications to be integrated. Here are more detailed steps:

  1. Start the Microsoft Single Sign-On service. From the Start menu, select Programs, then the Administrative Tools program group, and click Services.

  2. In the Services console, select Microsoft Single Sign-On service. Right-click and select Start.

  3. Run the SharePoint Portal Server Single Sign-On Administration by selecting it from the SharePoint Portal Server program group on the Start menu. The management console appears, as shown in Figure 7.23.

    Figure 7.23. Manage Settings for Single Sign-On Page



  4. Select Manage server settings for single sign-on and enterprise application definitions.

  5. Enter the account name, server name, and other information for the account that can manage the single sign-on service (Figure 7.24). You can choose the location of the database that contains this information on this page as well. The account you choose must be a member of the local Administrators group or a member of the STS_WPG local group.

    Figure 7.24. Manage Server Settings for Single Sign-On Page



  6. Create the base system key, which is the encryption key used to decrypt the credentials stored in the database. SharePoint automatically generates the base system key. You can regenerate the key if the previous credentials were compromised.

NOTE You cannot manage the base system key remotely. You must access the job server and specify the settings locally. This may be a long-running process, so take care to perform it at off-peak periods.
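A preflight check for steps 1, 2 and 5, added here as an example and not taken from the book: it confirms that the service is running and that the account you plan to enter belongs to one of the two required local groups. It assumes PowerShell is available on the job server and is run there locally; the account name CONTOSO\svc-sso is a constructed placeholder, and only direct group membership is checked.

```powershell
# Added example: preflight check before configuring single sign-on.
# Run locally on the job server. The default account name is a constructed placeholder.
param(
    [string]$SsoAccount = 'CONTOSO\svc-sso'   # hypothetical account, replace with yours
)

# Display name as it appears in the Services console (step 2).
$serviceDisplayName = 'Microsoft Single Sign-On service'

# Return the direct members of a local group as DOMAIN\name strings.
function Get-DirectGroupMember {
    param([string]$Group)
    $adsi = [ADSI]"WinNT://$env:COMPUTERNAME/$Group,group"
    foreach ($m in @($adsi.psbase.Invoke('Members'))) {
        $path = $m.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $m, $null)
        # ADsPath looks like WinNT://DOMAIN/name or WinNT://DOMAIN/COMPUTER/name
        $parts = ($path -replace '^WinNT://', '') -split '/'
        '{0}\{1}' -f $parts[-2], $parts[-1]
    }
}

# Steps 1-2: the service must be started before the administration page is used.
$svc = Get-Service -DisplayName $serviceDisplayName -ErrorAction SilentlyContinue
if (-not $svc) {
    Write-Warning "Service '$serviceDisplayName' is not installed on this server."
} elseif ($svc.Status -ne 'Running') {
    Write-Warning "Service is $($svc.Status); start it before opening the administration page."
} else {
    Write-Output "Service is running."
}

# Step 5: the account must be in local Administrators or STS_WPG.
$matched = @()
foreach ($group in 'Administrators', 'STS_WPG') {
    try {
        if ((Get-DirectGroupMember $group) -contains $SsoAccount) { $matched += $group }
    } catch {
        Write-Warning "Could not read local group '$group': $($_.Exception.Message)"
    }
}

if ($matched) {
    Write-Output "$SsoAccount is a direct member of: $($matched -join ', ')"
} else {
    Write-Warning "$SsoAccount is not a direct member of Administrators or STS_WPG (nested membership is not checked)."
}
```

An account that gets its membership through a nested domain group will be reported as missing, so confirm such cases by hand.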


The development interface for SharePoint single sign-on is extensible, so developers can add custom functionality. These changes can make the SharePoint Portal Server user interface a useful part of an enterprise portal even if you are not relying on out-of-the-box functionality.



Building Portals, Intranets, and Corporate Web Sites Using Microsoft Servers
ISBN: 0321159632
EAN: 2147483647
Year: 2004
Pages: 164
