General Settings → Authentication → About Single Sign-On (SSO) → Single Sign-On (SSO) Components
The Gatekeeper is a servlet filter that rejects incoming messages that lack proper user credentials. The Gatekeeper acts an agent that sits in front of Application Repository and SBM Application Engine (each has its own gatekeeper), allowing requests to pass through if they have the proper authentication, or rejecting them if they do not.
The Security Server (also known as the Identity Provider or "IDP") presents a login page that requests credentials. Every login request comes through the Security Server to challenge the user for credentials.
The Identity Attribute Service is an abstraction layer that contacts the authentication source (in conjunction with the Context Provider) to authenticate a user's credentials and return verification to the Security Server. The IDAS allows the Security Server to operate with identity stores on a high level, so that the Security Server does not have to know a particular LDAP directory and its structure or the SBM Application Engine and its structure.
The Context Provider is an adapter to an authentication source, such as an LDAP directory. The authentication source could be LDAP or SBM internal passwords within the SBM Application Engine database. SBM supplies LDAP and SBM Application Engine context providers as part of the installation.
The Identity Store is the actual LDAP directory or database that holds the user identity (ID and password).
Copyright © 2007–2019 Micro Focus or one of its affiliates. All rights reserved.