Overview

Single-Sign-On (SSO) and Sign-Off provides a convenient way for users to sign in once to enPortal and have enPortal manage sign-on credentials for proxied web applications. enPortal can then automatically sign-on on behalf of a user when they first access the proxied web content, and automatically sign-off once they log out of enPortal.

A number of different SSO token types are provided depending on what authentication mechanism a proxied application uses:

• HTTP Basic Authentication (basic): The most basic authentication mechanism, although still used it's not very common.
• NTLM Authentication (ntlm): This is also handled at the protocol layer and is not specific to a particular application. Typically this is implemented on Microsoft IIS servers. This authentication type supports NTLMv1, NTLMv2, and NTLM2 Session.
• Application (PIM) Specific: Many modern web applications manage user authentication and session handling themselves through either cookies or session tokens or some combination. In these cases enPortal PIMs provide custom authentication handlers to manage the sign-on and sign-off process.