Stuart J Rogers and Heesun Park, SAS Institute （斯图尔特·J·罗杰斯和Heesun公园SAS研究所）.pdfVIP

SAS Global Forum 2011 Systems Architecture and Administration Paper 365-2011 Single Sign-On Configuration and Troubleshooting for SAS® 9.2 Enterprise BI Web Applications Stuart J Rogers and Heesun Park, SAS Institute Inc., Cary, NC ABSTRACT Single Sign-On (SSO) means different things for different configurations and applications. The Single Sign-On logic and process for SAS® 9.2 Enterprise BI Web applications are examined based on various enterprise-level Web infrastructure configurations in which SAS Web applications are deployed. With such deployments, troubleshooting configuration and authentication errors is confusing and time-consuming. This paper explains Single Sign-On in terms of initial source of authentication, security arrangement, and trust relationships among the Web components and how SAS Web applications manage and consume externally authenticated user identity. Then this paper explores the troubleshooting strategies available for each of the enterprise-level Web infrastructure configurations. A methodology, along with recommended solutions, is presented for common error messages. INTRODUCTION WEB APPLICATION PROCTECTION MECHANISM Security implementation of J2EE Web applications consists of two parts. One part is authentication, which basically is an access control to the Web application itself. The other part is authorization, which controls what operation is allowed on resources, such as servers and data, by the authenticated user. This paper mainly focuses on the authentication