Project ONE CLICK
description
Transcript of Project ONE CLICK
![Page 1: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/1.jpg)
confidential
Date
Project ONE CLICK
: 12/26/2006
Oracle Single Sign-On
Sridhar Gangapuram
Manager, Oracle Applications (Phoenix)
Roger Raj
Sr. Technical Director (Oracle)
![Page 2: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/2.jpg)
2
Agenda
• Project Goals and Objectives• Previous Architecture• Current Architecture• Oracle Modules• Project Cycles• Challenges• Details of Technology Architecture• How Does Windows Native Authentication Work ?• Other Technology Elements• ONE CLICK Integration Road-Map• ONE CLICK Demo• Q&A
![Page 3: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/3.jpg)
3
Project Goals and Objectives
Goals: Implement Oracle Apps Single Sign-on Implement Discoverer Single Sign-on
Objectives: On ONE CLICK get into Oracle Apps On ONE CLICK get into Oracle Discoverer
![Page 4: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/4.jpg)
4
Previous Architecture
FormsServer
9i version
Reports Server
9i version
EssbaseServer
Linux Server – Oracle Apps Components
OptioReporting-Fax
Server
APRO EFTServer
Oracle & SFDCReporting
Server
HyperionServer
DiscovererServer
4i Version
![Page 5: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/5.jpg)
5
Current Architecture
FormsServer
9i version
Reports Server
9i version
Oracle & SFDCReporting
Server
Linux Server – Oracle Apps Components
OptioReporting-Fax
Server
APRO EFTServer
EssbaseServer
HyperionServer
SINGLE
SIGN
ON
Linux Server – SSO
MicrosoftAD
OID
DBI
Portal
![Page 6: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/6.jpg)
6
Oracle Modules
Oracle Modules
Finance Distribution Human Resources
Reporting
Accounts
Receivables
Order Management
Human Resources
Oracle Discoverer
Accounts Payables
Inventory Optio
Purchasing
Fixed Assets
Cash Management
General Ledger
![Page 7: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/7.jpg)
7
Project Cycles
GO-LIVE
MOCK
UAT
CRP3
CRP2
CRP1 ITIT
IT + BusinessIT + Business
IT + BusinessIT + Business
IT + BusinessIT + Business
ITIT
IT + BusinessIT + Business
![Page 8: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/8.jpg)
8
Challenges
• Business Test Cases• Business SOX Controls 250 plus• Apps Functionality All Modules• Custom Reports 100• Interfaces 10 in/out bound interfaces• Customer Facing Documents 20• Regions 4 Major Regions
• IT Test Cases• IT SOX Controls 50 plus• 10G Patching• EUL Patching• Oracle and AD Integration• Hardware New 10G Linux Server
![Page 9: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/9.jpg)
9
Details of Technology Architecture
• ONE CLICK’s Integration with Windows Native Authentication• AD session created on login• Oracle 10g AS can use this information• Kerberos enables session verification• Similar to Windows Exchange server• No more login challenges! • Fully compliant with SmartCards or Common Access
cards• Session is controlled by MS-Windows Kerberos• Userids/passwords are controlled by MS-AD
![Page 10: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/10.jpg)
10
1. User logs into the corporate network
Active directory
How Does Windows Native Authentication Work ?
ClientBrowser
2. Kerberos session
Ticket is created
PartnerApplication
OracleApplication
3. User requests a URL
Oracle 10gASSSO
Server
4. Partner redirects authentication to Oracle10gAS Server
5a. 10gAS queries Kerberos if the user has logged in
6. Sends success message to Partner
7. User is granted access to application
5b. Receives successful
ticket from Kerberos
![Page 11: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/11.jpg)
11
Other Technology Elements
• Oracle 10g Application Server• Single sign-on component• Oracle Internet Directory for User’s Id and groups
• 10g Discoverer – Drake version• Allows capture of single sign-on id• Users CLIENT_IDENTIFIER • No need to create and manage DB users (as in the
past releases)• Tied to a web-based implementation• No client tools need to be installed on desktops!
![Page 12: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/12.jpg)
12
ONE CLICK Integration Road-Map
• Make sure desktops are on XP-SP2 or above• Install 10g Application Server• Install 11i EBS 3.2 rollup patch (now 4.0 is available)• Make 11i a partner to 10gAS• Install Windows Native Auth support for 10gAS• Modify discoverer work pages to work with SSO-id• Test, document and migrate to production!
![Page 13: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/13.jpg)
13
ONE CLICK Demo
Oracle Applications
Oracle Discoverer
![Page 14: Project ONE CLICK](https://reader036.fdocuments.net/reader036/viewer/2022062314/568147ab550346895db4e6eb/html5/thumbnails/14.jpg)
14
Q&A
Q&Q U E S T I O N SQ U E S T I O N SA N S W E R SA N S W E R SA