Once a client has been authenticated into the Enterprise Security services, you can develop a single sign-on (SSO) solution, which allows clients to request access to protected assets within the environment without requiring that they reenter user credentials.
Single sign-on capability is provided by Enterprise Security as an agent for the client. If the back-end systems require a form of authentication other than a user name and password (for example, certificate-based), then single sign-on is not supported.
The Enterprise Security framework requires third-party applications to integrate with the framework for the SSO capability to persist. Enterprise Security provides APIs to allow for third-party applications to integrate with the SSO framework.
The Enterprise Security framework does not provide single sign-on features from operating-system level authentication mechanisms, or directory services, such as LDAP, UNIX or NT Active Directory, or other systems (Lotus Notes). In such a case, if the client has been authenticated by the operating system, additional authentication to the system is required.
