5 Enabling MSS with Single Sign-On Functionality

This chapter provides information about optionally enabling single sign-on functionality with Oracle Communications MetaSolv Solution (MSS) utilizing Oracle Enterprise Single Sign-On Suite Plus (ESSO Suite) software.

About Single Sign-On Functionality

Single sign-on functionality provides a unified sign-on and authentication across all enterprise resources. It provides identity management functionality eliminating the need for multiple user names and passwords.

Figure 5-1 shows an overview of the required software components and their relationships. Configuring MSS with the ESSO Suite software and the single sign-on functionality is optional.

Figure 5-1 Single Sign-On Required Component Overview

Description of Figure 5-1 follows
Description of "Figure 5-1 Single Sign-On Required Component Overview"

To enable the single sign-on capability for MSS, you must install and configure the required components which include the following:

  • ESSO Administrative Console

  • ESSO Logon Manager (ESSO-LM)

  • Repository

  • ESSO Provisioning Gateway (ESSO-PG)

About the ESSO Administrative Console

The Oracle ESSO Administrative Console enables:

  • Administration of the ESSO environment

  • Creation of the MSS template

The MSS template describes for the client, the window and fields for the input username and password. The repository stores the templates.

About the ESSO Logon Manager

The ESSO Logon Manager (ESSO-LM) provides the single sign-on functionality. The ESSO-LM component is responsible for items such as the following:

  • Detecting requests for credentials

  • Analyzing the responses

  • Logging events

  • Administering settings

The ESSO-LM resides on the server-side and on the client computers. The system administrator performs a setup on the server-side ESSO-LM that then gets pushed to all the client computers.

About the Repository

The repository is the central location for storing:

  • User Credentials

  • Application Logon Templates

  • Password Policies

  • ESSO Client Settings

The ESSO Suite supports the following software list for the repository:

  • Oracle Database or any SQL Database

  • Microsoft Active Directory

  • Oracle Directory Services (OID, ODSEE, OUD)

  • Most third-party LDAP-compliant directories

About the ESSO Provisioning Gateway

The ESSO Provisioning Gateway (ESSO-PG) provides the ability to remotely add, modify, and delete application credentials from each user's ESSO-LM credential storage. This eliminates the need for local credential capture and grants the user access to the target application.

Integrating MSS with ESSO Overview

The ESSO Suite support numerous types of authenticators and configurations, and this chapter supports the following scenario:

  • Users log onto a desktop client using Windows authentication.

  • Oracle Unified Directory (OUD) supports an LDAP-compliant solution as the central repository.

You set up this scenario configuration by completing the download, install and setup of the ESSO Suite and Repository software. The following set of tasks is an overview of the required steps:

  • Download the Oracle Enterprise Single Sign-On Software.

    Refer to MSS Planning Guide for software version information.

  • Download the Oracle Unified Directory (OUD) Software, or you can use any supported repository software.

    Refer to MSS Planning Guide for software version information.

  • Install the repository and setup MSS user names and passwords.

  • Install and configure the ESSO Administrative Console.

    • Perform the “Extend the Repository" operation on the ESSO Administrative Console and link it to the OUD repository (or the selected repository).

    • Perform the Authentication Setup (defaults to Windows).

    • Setup the synchronization settings.

    • Update the user experience settings and the security settings.

  • Install the ESSO Logon Manager on the MSS AdminServer.

  • Create the MSS Template in the ESSO Administrative Console.

  • Install and set up the ESSO Provisioning Gateway.

  • Package the ESSO Suite software for deployment to user computers.

  • Install and setup the ESSO client on user computers.

For more detailed information on the single sign-on software installation and set up, refer to Oracle Support Document 2226090.1 (Oracle Communications MetaSolv Solution Release 6.2.1 and 6.3 Single Sign-On using Oracle Enterprise Single Sign-On Suite). You can download the document on My Oracle Support at this website:

https://support.oracle.com/epmos/faces/DocumentDisplay?id=2226090.1