Search This Blog

Saturday, October 30, 2010

Single Sign-on (SSO) functionality in MOSS 2007


Let me discuss about Single Sign-on (SSO) functionality in MOSS 2007.  This is a very useful feature in MOSS 2007 that lets you interact with external data in a secure manner.

I have seen many useful blogs that give you introduction to MOSS 2007 SSO. I am going to try to differ a little bit by walking you through basic steps of configuring external data sources and accessing the data using a web part in MOSS 2007.

Why do we need to use MOSS 2007 - Single Sign-On (SSO)?

MOSS 2007 SSO facilitates securely accessing external data sources from MOSS 2007. The major advantage with using this approach is all external data source credentials passed to MOSS 2007 are encrypted and just plain text. You may be accessing ERP systems like Siebel, SAP which may in turn be using any databases and you don't want to be passing your login credentials without encryption. Further, BDC can be configured to use SSO to access external data securely.
In our example, we will access a SQL Server database. For demo purposes, I have created a SQL Server 2005 database named "SSODemo". I have one table named "Customer" with 2 columns "CustomerName varchar(50)" & "CustomerPhone varchar(12) and a user with username "ssoDemoUser" has necessary privileges to access the database and perform DML operations.

Step 1: Navigate to Central admin -- Operations -- Manage Single Sign-On (should be listed as the last option under "Security Configuration" section )
If you get an error message on the screen which says

"Failed to connect to Microsoft Single Sign-on Service. To configure, please ensure the service is running"


go to Services and start the "Microsoft Single Sign-on Service" and refresh the Manage Single Sign-on page.
2: Select Manage server settings under Server settings

image

3: Enter all required information in the "Manage Server Settings for Single Sign-On".  and submit the form.

image

If you get an error message which says "You don't have rights", go back to the services and change the Logon credentials for "Microsoft Single Sign-on Service" to the exact domain account you will be using for the "Account name" shown in the screen shot.

Once the submit is successful you will be redirected back to the main screen. You will now see the "Manage encryption key" link enabled. If you click on it, you will be able to create,backup and restore encryption keys used in SSO operations.

4: Next step is creating a new Enterprise Application Definition. Click on "Manage settings for enterprise application definitions" and then "New Item"



sso_serversettings3

5: Fill in the information as shown in the screen shots below

image


image

Note that username and password are 2 login credentials that we need apart from the datasource (which we will define using Share Point Designer -- SPD) to access the SQL Server database. In terms of external ERP systems, you can define all the login elements required in this screen. Once you have entered all the information, submit the form.

6: Next option is to set up account information. (select the 2nd option under "Enterprise Application Definition Settings). The screen that loads will enable you to setup new account information. I had created a domain group called SSO Users, but you can use any valid group in your domain.

image

On the next screen, we enter our SQL Server username and password. Recollect that I had created an user named "ssoDemoUser"

image

Select "Done" on the next form.

7: Next is configuring the data source using SPD.  In SPD, open Data Source Library under Task Panes and select Database Connections -- Connect to a database.

image

Select Configure Database Connection

image

In the Configure Database Connection, key in the server and for authentication select SSO

image

In the Single Sign-On settings, key in the following information (DemoSSOApplication was the application name we defined in the enterprise application definition)

image

If the connection is successful, you will see the next screen where you can pick the option to run a SQL command or stored procedure.  Select the "specify custom Select" option to enter custom queries.

image

Select "Edit Command" button to enter a SQL statement

image

Select "OK" to all other forms.

8: You will now see a "Custom Query" section under

image

Drag and Drop the Custom Query to any page in your site. Check-in and Publish the page. You will now be able to see a web part displaying the query results from the database.

image

Pretty cool?
This is just a basic demo of showing MOSS SSO features. It is a powerful feature within MOSS 2007 to access disparate data sources securely.

33 comments:

  1. Wow, marvelous blog layout! How long have you been blogging for?
    you make blogging look easy. The overall look of your site is
    magnificent, as well as the content!

    Here is my web site Find a Bungalow

    ReplyDelete
  2. Hey there, You've done a fantastic job. I'll definitely digg it and personally recommend to my friends.
    I am confident they will be benefited from this site.

    my web-site: propertywide.Co.Uk

    ReplyDelete
  3. This text is invaluable. Where can I find out more?


    My webpage: furnished

    ReplyDelete
  4. This is the perfect website for everyone who really wants to find
    out about this topic. You know a whole lot its almost tough to argue with you (not that I really will need to?
    HaHa). You definitely put a new spin on a topic that has been written about
    for decades. Excellent stuff, just great!


    my web-site - properties

    ReplyDelete
  5. Heya i am for the first time here. I came across this board and I find It really
    useful & it helped me out much. I hope to give something back and help others like you aided me.


    Also visit my web blog - inquiry

    ReplyDelete
  6. I think the admin of this web page is actually working
    hard in favor of his web page, because here every data is quality based data.

    ReplyDelete
  7. I like the valuable information you provide in your articles.
    I'll bookmark your weblog and check again here regularly. I'm
    quite sure I will learn many new stuff right here!
    Good luck for the next!

    My page their explanation

    ReplyDelete
  8. Thank you for every other great article. Where else may just
    anyone get that type of info in such an ideal way of writing?
    I've a presentation next week, and I am at the look for such info.

    Have a look at my website the real loans bad credit app

    ReplyDelete
  9. Hello, I believe your site might be having internet browser compatibility problems.

    Whenever I look at your blog in Safari, it looks fine however, when
    opening in I.E., it has some overlapping issues.

    I just wanted to give you a quick heads up! Other than that, fantastic site!


    Also visit my site: buy A bungalow

    ReplyDelete
  10. Wow, this piece of writing is nice, my sister is analyzing these kinds of things, so I am
    going to inform her.

    Look into my web-site :: Buy Bungalow

    ReplyDelete
  11. ӏ havе fun ωith, leаd to
    I disсovered just what I used to be tаking a look for.
    You hаve enԁed my fouг day long hunt!
    God Βlеss yοu man. Ηavе а great daу.
    Βye

    Also visіt my site ... Sixpack

    ReplyDelete
  12. hi!,I really like your writing very so much! percentage we communicate extra about your article on AOL?
    I need an expert on this area to solve my problem.
    Maybe that is you! Looking forward to look you.

    Feel free to visit my web site; Her Latest Blog

    ReplyDelete
  13. Hi there, I enjoy reading through your article post. I like to write a
    little comment to support you.

    Also visit my blog - his explanation

    ReplyDelete
  14. Nice blog here! Also your site loads up fast! What web host are you using?

    Can I get your affiliate link to your host? I wish my website loaded
    up as fast as yours lol

    Here is my web blog Click this

    ReplyDelete
  15. I have read so many content regarding the blogger lovers however this article is truly a good article,
    keep it up.

    Here is my website ... www.propertywide.co.uk

    ReplyDelete
  16. Hello, Neat post. There is a problem along with your web site
    in web explorer, may check this? IE still is the marketplace chief and a big part of other
    people will miss your fantastic writing due to this problem.


    Here is my weblog Buy Commercial Property ashford (kent)

    ReplyDelete
  17. Having read this I thought it was really enlightening.
    I appreciate you spending some time and energy to put this article together.
    I once again find myself spending a significant
    amount of time both reading and posting comments. But so
    what, it was still worth it!

    Feel free to visit my blog: this hyperlink

    ReplyDelete
  18. It's perfect time to make some plans for the future and it is time to be happy. I've read this post
    and if I could I want to suggest you some interesting things or suggestions.

    Maybe you can write next articles referring to this article.
    I want to read more things about it!

    Look into my web page :: official statement

    ReplyDelete
  19. What's Taking place i'm new to this, I stumbled upon this I've discovered It absolutely helpful and it has aided me out loads. I'm hoping to give a contribution
    & assist other users like its helped me. Good job.

    Review my blog ... flats definition

    ReplyDelete
  20. Тhis has сausеd mе tο cοnsider
    if therе's a couple of places I could do things more efficiently.

    Here is my site; fast loan

    ReplyDelete
  21. Everybody's a sucker for an octopus. Ha ha ha...

    Also visit my website :: fast cash payday advance

    ReplyDelete
  22. I love to eхamine the triνia of theѕe things, that's what makes this site shine. Things other bloggers leave out.

    Visit my web page personal loans uk

    ReplyDelete
  23. Today's task is college study...got to....get some done....

    My page: fast cash loans online uk

    ReplyDelete
  24. Until someone told me аbout this I hadn't even realized it possible. Looks as though I'm
    way behind on the mattеr..

    my weblog ... http://moainet.jp/wiki/index.php?title=利用者:TerenceHy

    ReplyDelete
  25. I feel like Ӏ сoulԁ read about this all ԁay, it's enthralling. I don't еνen need
    а tea yеt.

    Also visit my web-site: personal loans bad credit

    ReplyDelete
  26. Haven't yet read about this idea before now, I should do so.

    Here is my weblog ... best personal loans

    ReplyDelete
  27. Seems likely that the сat is out οf the bag.

    .. I'll have to have a read to see whats coming....

    Take a look at my homepage; unsecured personal loans

    ReplyDelete
  28. Have not yet loоked іnto this topіc before, I shοuld
    do sο soon.

    my ѕitе :: get a loan fast

    ReplyDelete
  29. Interesting rеad, especially response #four I think it was.
    Worth remembering.

    My webpаgе - fast unsecured cash loan

    ReplyDelete
  30. Neеd some eхtra ωгіting on this - аny idеas cοveгing whаt I cоuld reаd ог what
    foгums I might ϳoіn?

    Also visit my page - unsecured personal loans

    ReplyDelete
  31. Νoω then ρеοple letѕ
    all calm ԁown and have а lovеly hot bath and a cup of tea.


    Here is my wеb ρagе ... fast cash now

    ReplyDelete
  32. I know somеоne ωhο ωould гelate to this post.


    Stop by my blog ρost ... Fast Cash now

    ReplyDelete
  33. I was curious if you ever thought of changing the layout of
    your website? Its very well written; I love what youve got
    to say. But maybe you could a little more in the way of
    content so people could connect with it better. Youve got an awful lot of text for only
    having one or two images. Maybe you could space it out better?


    My web blog :: mens hairstyle Winnipeg (www.facebook.com)

    ReplyDelete