JDE EnterpriseOne Single Sign On – SSO Integration
Oracle JD Edwards – JDE EnterpriseOne SSO Integration strengthens JDE System security, enhances user experience, and increases user productivity, and reduces help-desk calls for password resets and lockout issues. SSO is not only mandatory for IT Security audits, but also recommended as per JDE Security Best practices. Here is a very high level procedure to implement SSO for EnterpriseOne:
- Install a Web Server such Oracle HTTP Server or Apache Web Server so that EnterpriseOne Applications are proxied through a Web HTTP Server
- Configure the proxy rules in the Web Server to forward the traffic to backend EnterpriseOne Web Servers for EnterpriseOne context /jde and port.
- Install SSOGEN – SSO Client in the Web Server to protect the web server
- Protect the JDE URI /jde
- Open EnterpriseOne Server Manager from a browser.
- Select your EnterpriseOne HTML Server instance.
- Select Network Settings from the Configuration section.
- In the Security Server Configuration section, select the Enable Oracle Access Manager option and enter SSOGEN Logout URL
- Apply and Synchronize the changes
- Stop and restart the EnterpriseOne HTML Server.
$ cat mod_wl_ohs.conf <Location /jde> SetHandler weblogic-handler WebLogicHost jdeserver1.example.com WebLogicPort 9008 </Location>
EnterpriseOne SSO – User Login Flow
- A user attempts to access an EnterpriseOne Application URL
- SSOGEN SSO Client deployed on the EnterpriseOne HTTP Server intercepts the request.
- SSO Client enforces the authentication by sending the user to SSOGEN
- SSOGEN then performs the user authentication either by Kerberos or Windows Authentication, or LDAP Authentication with Active Directory, or delegating authentication to Azure ADFS, or Okta, or another SSO Provider.
- Once SSO Authentication is successful, SSOGEN creates the response cookie and http header( JDE_SSO_UID or SSOGEN_USER based on the configuration) for the Web Server.
- Web Server would decrypt and read the message and then grants the access to protected /jde URIs.
- EnterpriseOne Application identifies the authentication performed by the web server and grant the access by redirecting the user to EnterpriseOne Home Page.
Web Server Install
Install Apache or Oracle HTTP Server Reverse Proxy to talk to EnterpriseOne HTML Server instance
Web Server Proxy
Configure Apache or Oracle HTTP Server Reverse Proxy to proxy all the JDE EnterpriseOne URLs for /JDE.
Enable SSO at Web Server – Reverse Proxy and Configure SSO in EnterpriseOne and restart services
EnterpriseOne SSO Integration with LDAP Servers
SSOGEN – EnterpriseOne SSO Integration offers multiple authentication options. EnterpriseOne would be SSO enabled with Windows Native Authentication – WNA (a.k.a Kerberos or Desktop Authentication or Zero Touch SSO) or authenticated against most of the popular LDAP Servers in the market today.
EnterpriseOne - Active Directory Authentication
EnterpriseOne - RadiantLogic Authentication
EnterpriseOne - UnboundID Authentication
EnterpriseOne - OpenDS Authentication
EnterpriseOne - OpenDJ Authentication
EnterpriseOne - CA Directory Authentication
EnterpriseOne - IBM Directory Authentication
EnterpriseOne - NetIQ Authentication
EnterpriseOne - OpenLDAP Authentication
EnterpriseOne - SLAPD Authentication
EnterpriseOne - 389 Directory Server Authentication
EnterpriseOne - Apache Directory Authentication
EnterpriseOne - Oracle Unified Directory - OUD Authentication
EnterpriseOne - Oracle Directory Server - ODS Authentication
EnterpriseOne SSO SAML Integrations
EnterpriseOne is capable of integrating with SAML IDP v1, SAML IDP v2, OpenID Providers for Single Sign On. EnterpriseOne SSO would be easily integrated with other SSO Solutions such as Okta, Oracle Identity Cloud Services – IDCS, OneLogin, Azure SSO, Azure ADFS, Microsoft ADFS, PingFederate, Shibboleth, OpenID Providers, and other popular SSO Solutions such as CA Siteminder, IBM Tivoli Access Manager, and Oracle Access Manager, and many more.
JDE EnterpriseOne and Okta SSO Integration
JDE EnterpriseOne and OneLogin SSO Integration
JDE EnterpriseOne and Shibboleth SAML SSO Integration
JDE EnterpriseOne and PingFederate SAML SSO Integration
JDE EnterpriseOne and Oracle Identity Cloud Services – IDCS Integration
JDE EnterpriseOne and Azure ADFS - Azure SSO Integration
JDE EnterpriseOne and Microsoft ADFS Integration
JDE EnterpriseOne and CA Siteminder SSO Integration
JDE EnterpriseOne and IBM Tivoli SSO Integration
JDE EnterpriseOne and NetIQ SSO Integration
SSOgen Unique Benefits
Read more about SSOgen Unique Benefits and more
Completely Free POC
Contact us to inquire about our free proof of concept for 30 days
Learn more about product features, unique benefits, and cost savings