Presto Add-Ons : Presto Add-On for SharePoint (P4S) : P4S Configuration and Administration, SharePoint 2010 : Planning Authentication for P4S 2010 : Authentication Designs for P4S 2010
Authentication Designs for P4S 2010
 
SSO + Token Authentication
SSO + Cookie Authentication
No SSO, Manual Authentication
The user experiences that you can deliver using Presto Add-On for SharePoint (P4S) 2010 depend on your SharePoint environment and how SharePoint and Presto Servers are deployed. The factors that determine an authentication architecture include:
*SharePointVersion and Authentication: using Microsoft SharePoint Server (MSS) 2010:
*With the Secure Store Service to provide a true single sign-on experience for P4S users. Other factors in your environment also play a part in supporting single sign-on.
The Secure Store Service stores user credentials for additional applications, such as the Presto Presto Server, accessed from SharePoint. User credentials are organized by target application, also known as an SSO Application Name, allowing the Secure Store service to handle credentials for different applications. You can store user credentials under one SSO Application name to provide credentials that several Presto Servers share, allowing users to access mashups and apps from those Presto Servers seamlessly, or keep credentials for some Presto Servers separate using different SSO Application Names.
*WithoutSecure Store Service: this prevents a full single sign-on experience, but can still support SSO with an initial challenge experience depending on other factors in your SharePoint environment.
Note:  
P4S is not currently compatible with third-party single sign-on solutions, such as Netegrity SiteMiner, that are agent-based. If your SharePoint environment uses a third-party SSO solution, users may work in Presto Hub with SharePoint to create mashables, mashups and apps. However, users cannot use P4S actions in SharePoint and cannot publish mashups or apps to SharePoint.
*SharePointand PrestoPresto ServerDomains: how you deploy Presto Servers in your SharePoint environments affects the choices for authentication. If single sign-on is not possible, deploying SharePoint servers and Presto Servers in the same domains enables the use of cookies to simplify authentication.
*User Repository: sharing the same user repository, such as an Active Directory or LDAP Directory, for both SharePoint servers and Presto Presto Servers supports a true single sign-on experience. This enables Presto Servers to use the same credentials as SharePoint.
Note:  
Currently there is a known issue for authentication challenges for mashups published in Mashup Web Parts when the user repository is shared. For mashups users will be challenged initially for mashups.
The combination of these factors produce three authentication architectures that you can use. The following table summarizes which architectures can be applied to specific environments and the resulting user experience:
Authentication Architecture
MSS + Secure Store
MSS + No Secure Store
SharePoint / Presto Server in Same Domains
SharePoint / Presto Server in Different Domains
SharePoint / Presto Server Share User Repository
User Experience
SSO + Token Authentication
Full SSO
Initial challenge
SSO + Cookie Authentication
Initial challenge
Initial challenge
No SSO, Manual Authentication
All challenges
All challenges
Copyright © 2006-2015 Software AG, Darmstadt, Germany.
Product LogoContact Support   |   Community   |   Feedback