This article covers a Bloomreach Experience Manager version 12. There's an updated version available that covers our most recent release.

Single Sign-On (SSO)

Introduction

Goal

Understand how Hippo's architecture supports single sign-on integration in enterprise environments.

Background

Organizations who implement Bloomreach Experience Manager in their enterprise environment may want to integrate Hippo with their existing single sign-on (SSO) solution. This page explains how Hippo's system architecture supports SSO integration. Specific integrations are described separately.

Enterprise SSO-Enabled Architecture

The deployment diagram below shows Hippo's SSO-enabled system architecture:

  • Typically the HTTPS connection for browser clients is configured and enabled in the reverse proxy layer (Apache Web Server).
  • Typically the reverse proxy redirects client requests to the enterprise SSO server for authentication. Once authenticated, the request is redirected back with a valid security token.
  • Applications running on the application server can access the enterprise SSO server to validate security tokens if needed.
  • Alternatively the authoring and delivery applications running on the application server can also authenticate users against the LDAP server if configured.
  • Alternatively the authoring and delivery applications running on the application server can also authenticate users through either form authentication, JAAS or Spring Security integration. Spring Security integration is capable of integrating with an enterprise SSO server seamlessly.

Specific Integrations

Did you find this page helpful?
How could this documentation serve you better?
On this page
    Did you find this page helpful?
    How could this documentation serve you better?