Teamcenter™ Security Services SSO
Dennon Ison, Software Engineer
Dennon.Ison@gdc4s.com
Template # 99-P34884K, Rev E – 3/17/08
© 2008 General Dynamics. All Rights Reserved.
Objective
• Explain how General Dynamics C4Systems implemented a no-challenge login using the Teamcenter Security Services™.
Outline
• The CIO Challenge
• Terminology/Definitions
• Teamcenter Enterprise™ Login Architecture
• The Options
• The Solution
• Our Environment
• Considerations
• Questions
The Challenge
• Implement a non-challenge SSO solution for the Teamcenter™ suite of products.
• Solution must have IT Networking acceptance/support
• Solution must have IT Information Security acceptance/support
• Solution must work with existing assets and resources
Terminology
• Authentication: Who the user really is
• Authorization: What the user is allowed to do
• SSO: A non-challenge login to systems after the user has been authenticated on the network domain
• Teamcenter Security Services (TCSSO): Web-based application that maintains a central login for all Teamcenter applications
• LdapAuth: Allows Enterprise users to log in with their network login account
Login Architecture (Enterprise)
[Diagram: login flow with LdapAuth and with TCSSO; "Prompt for Credentials"]
The Options
Internet Information Services™ (IIS)
• Network recommended
• Quick
• Need to use multiple machines to redirect
• Security “disliked” the idea
Move web tier to Windows
• Resolve security issue
• Still use IIS
• Lack of Windows machines
• Lack of “team comfort”
JBoss™ LDAP Authentication
• Limited customization
• Significant setup
• Lack of experience
The Options
Apache™ LDAP Authentication
• Limited customization
• Significant setup
• Lack of experience
Java Authentication and Authorization Service (JAAS)
• Java based (any platform)
• Web service
• Customization
• Changes to AD
The Solution
JCIFS (Java Common Internet File System) (http://jcifs.samba.org)
• Validated against AD with Kerberos protocol
• All “open” credentials are kept in the same “container” (JVM)
• Works on any platform
• Should work on any J2EE Java application server
• Only handled authentication of user, did not give Teamcenter credentials
The Solution
• Configure Security Services
• Add JCIFS Filter to web.xml
• Modify PreLoginPage.jsp
The Solution: JCIFS Filter
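An added example, not taken from the original slides, of what a JCIFS filter entry in the login application's web.xml can look like. The filter class and parameter names are those of the JCIFS library; the domain controller host, the domain name and the URL pattern are placeholders chosen for illustration.

```xml
<!-- Added example: fragment of WEB-INF/web.xml, not the presenter's file. -->
<!-- Host, domain and URL pattern below are placeholders (assumptions). -->
<filter>
    <filter-name>NtlmHttpFilter</filter-name>
    <filter-class>jcifs.http.NtlmHttpFilter</filter-class>

    <!-- Domain controller that validates the credentials negotiated by the browser -->
    <init-param>
        <param-name>jcifs.http.domainController</param-name>
        <param-value>dc01.example.internal</param-value>
    </init-param>

    <!-- Windows domain the users belong to -->
    <init-param>
        <param-name>jcifs.smb.client.domain</param-name>
        <param-value>EXAMPLE</param-value>
    </init-param>

    <!-- Keep the Basic fallback off so passwords are never accepted over HTTP Basic -->
    <init-param>
        <param-name>jcifs.http.enableBasic</param-name>
        <param-value>false</param-value>
    </init-param>
</filter>

<!-- Apply the filter only to the login entry point (path is an assumption) -->
<filter-mapping>
    <filter-name>NtlmHttpFilter</filter-name>
    <url-pattern>/PreLoginPage.jsp</url-pattern>
</filter-mapping>
```

Once the filter has authenticated the request, the domain user name is available to the page through request.getRemoteUser(). How PreLoginPage.jsp maps that name to a Teamcenter login is not shown on the slides.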
Our Environment
Considerations
• Implemented with Tc Enterprise™, Tc Engineering™, Tc Reporting and Analytics™
• Only addresses web-based login (clients, TcRA™ (backend), and integrations still use server-side authorization)
• Only works when logging in from Windows machines (looking into Unix)
Questions?