This chapter describes how to implement single sign-on to enterprise resources.
Proxy authentication information identifies a user via user name and password (credentials), and the URL used to connect to the data source or service. When a user logs in to a system secured with Enterprise Security, the proxy authentication information can be retrieved from the ACDB and presented to the back-end data source to authenticate the user without requiring the user to reenter his or her user name or password.
To use proxy authentication information for single sign-on, the data source (asset) must first be defined in the ACDB. The proxy authentication mechanism determines whether a user’s credentials allow access to the back-end data source; it does not enforce the user’s privileges to read, write, update, or execute commands on the data source.
SMAPI provides management and administrative functions for managing proxy authentication information. You must write your own custom application to invoke the API that retrieves the proxy authentication information, and the application must call PortalSession.findProxyAuthenticationInfo.
