Single login with Single Sign On

About PassPort Single Sign On

Datastore provides Single Sign On (SSO) via PassPort. SSO enables you to access multiple secured Web applications using a single user name and password that are provided once only at the start of the session.

PassPort provides secure single sign-on (SSO) functionality for users to log on once and access the user interfaces of multiple Axway products. In addition, SSO provides connectivity to SiteMinder for integration with an existing enterprise SSO solution and extensions to integrate with other enterprise SSO solutions.

SSO in PassPort provides:

  • A unified interface to end users across Axway products and extensible to third-party applications
  • Central configuration and management of identities and access-control policies
  • A way to leverage existing enterprise SSO solutions

PassPort supports two SSO modes:

  • Reverse-proxy mode
  • Central Authentication Service (CAS) mode

CAS2 mode provides superior performance, but the SSO agent cannot be deployed in the DMZ as with reverse proxy mode. The API documentation provides details about how a registered product can switch modes.

How PassPort SSO works

When a user attempts to log on to the SSO landing page, and PassPort is configured to use SSO for registered products, there is a series of interactions between software products inside and outside of PassPort. The following figure illustrates the relationships.

When a user logs on from the SSO landing page, the following sequence takes place:

  1. The landing page (log-on page) sends the user's credentials to the SSO Agent.
  2. The SSO Agent sends the credentials to PassPort for authentication.
  3. PassPort authenticates the user by checking the credentials against the PassPort database or some external authentication solution (for example, an LDAP server).
  4. If authentication is successful, PassPort sends a token to the SSO Agent.
  5. The SSO Agent sends the token back to the landing page.
  6. The landing page uses the token to log on the user.

For more information on SSO concepts and configuration, refer to the PassPort documentation.

Related Links