Single sign-on configuration for Moss 2010

The single point of entry in Moss is that the account and password of a system that requires a single sign-on integration is stored in MOSS through encryption in the Moss system, and the account and password are decrypted through the middle page at the time of landing, and then post to other systems to complete the landing, Of course, if the subsystem has a better landing interface will be more secure and reliable; This scheme realizes the account mapping problem in the single point landing, but does not help the user to realize the function such as jump, requests the developer to each system to handle the landing, is not a real complete single point landing solution, But in the enterprise internal system integration also exists certain superiority, namely simple, the subsystem basically does not have to carry on the alteration, if the individual development single point landing system, cannot avoid is to the existing system landing interface change, like the digital signature verification, the landing and the log out verification and the jump and so on.

Moss single sign-on is renamed as Secure Store service in version 2010 and can be found in central administration services, access to Central administration---application management----management Services application, and the Secure Store service, click on the service, The user is then asked to create a new key, enter a complex key keys, is used to encrypt the data key, complete the creation of the key, you can create a single sign-on application.

Take an Office system integration as an example, fill in the following information, where "Target Application ID" is used to identify the business system, representing the current business system, written in the program will be used.

Click Next will let the user fill in the system need to save the relevant information, can also add fields such as mailboxes, according to their own system, if the account and Moss account consistent, even the user column is not necessary.

The next step for the system to provide a management account, complete the creation, the system will be in SQL Server for the business system to create a separate database to save the system's account and password information, account and password are encrypted, so if you want to add their own accounts and passwords, This is typically done through the add interface provided by Moss, or through the programming interfaces provided by Moss.

Select the system you just created, the "Credential Settings" button in the Point Action Bar, add the mapping account for the OA system

Enter the relevant information, the credential owner is the user in the Moss System account number, the user is listed as the OA System account number, the password is the user in the OA system password