Authentication Designs for P4S 2007
The user experiences that you can deliver using Presto Add-On for SharePoint (P4S) 2007 depend on your SharePoint environment and how SharePoint and Presto Servers are deployed. The factors that determine an authentication architecture include:
SharePoint2007 Authentication: using Microsoft Office
SharePoint Server (MOSS) 2007:
With the Single Sign-On Service (MOSS SSO) to provide an initial challenge with single sign-on experience for
P4S users. Other factors in your environment also play a part in supporting single sign-on.
The Single Sign-On Service stores user credentials for external applications, such as the Presto Presto Server, accessed from SharePoint. User credentials are organized by target application, also known as an SSO Application Name, allowing the Single Sign-On Service to handle credentials for different applications. You can store user credentials under one SSO Application name to provide credentials that several Presto Servers share, allowing users to access mashups and apps from those Presto Servers seamlessly, or keep credentials for some Presto Servers separate using different SSO Application Names.
Without the Single Sign-On Service: this also can support an initial challenge experience depending on other factors in your
SharePoint environment.
Note: | P4S is not currently compatible with third-party single sign-on solutions, such as Netegrity SiteMiner, that are agent-based. If your SharePoint environment uses a third-party SSO solution, users may work in Presto Hub with SharePoint to create mashables, mashups and apps. However, users cannot use P4S actions in SharePoint and cannot publish mashups or apps to SharePoint. |
SharePointand PrestoPresto ServerDomains: how you deploy
Presto Servers in your
SharePoint environments affects the choices for authentication. If single sign-on is not possible, deploying
SharePoint servers and
Presto Servers in the same domains enables the use of cookies to simplify authentication.
The combination of these factors produce three authentication architectures that you can use. The following table summarizes which architectures can be applied to specific environments and the resulting user experience:
Authentication Architecture | MOSS + SSO Service | MOSS / No SSSO Service | SharePoint / Presto Server in Same Domains | SharePoint / Presto Server in Different Domains | User Experience |
SSO + Token Authentication | | | | | Initial challenge |
SSO + Cookie Authentication | | | | | Initial challenge |
No SSO, Manual Authentication | | | | | All challenges |