Oracle JD Edwards EnterpriseOne Single Sign On – SSO Integration

Oracle JD Edwards EnterpriseOne Single Sign On - SSO Integration

JDE EnterpriseOne Single Sign On – SSO Integration

Oracle JD Edwards – JDE EnterpriseOne SSO Integration strengthens JDE System security, enhances user experience, and increases user productivity, and reduces help-desk calls for password resets and lockout issues. SSO is not only mandatory for IT Security audits, but also recommended as per JDE Security Best practices. Here is a very high level procedure to implement SSO for EnterpriseOne:

  1. Install a Web Server such Oracle HTTP Server or Apache Web Server so that EnterpriseOne Applications are proxied through a Web HTTP Server
  2. Configure the proxy rules in the Web Server to forward the traffic to backend EnterpriseOne Web Servers for EnterpriseOne context /jde and port.
  3. $ cat mod_wl_ohs.conf
    <Location /jde>
        SetHandler weblogic-handler
        WebLogicHost jdeserver1.example.com
        WebLogicPort 9008
    </Location>
    
  4. Install SSOGEN – SSO Client in the Web Server to protect the web server
  5. Protect the JDE URI /jde
  6. Open EnterpriseOne Server Manager from a browser.
  7. Select your EnterpriseOne HTML Server instance.
  8. Select Network Settings from the Configuration section.
  9. In the Security Server Configuration section, select the Enable Oracle Access Manager option and enter SSOGEN Logout URL
  10. Apply and Synchronize the changes
  11. Stop and restart the EnterpriseOne HTML Server.

 

JD Edwards EnterpriseOne SSO Configuration

EnterpriseOne SSO – User Login Flow

  1. A user attempts to access an EnterpriseOne Application URL
  2. SSOGEN SSO Client deployed on the EnterpriseOne HTTP Server intercepts the request.
  3. SSO Client enforces the authentication by sending the user to SSOGEN
  4. SSOGEN then performs the user authentication either by Kerberos or Windows Authentication, or LDAP Authentication with Active Directory, or delegating authentication to Azure ADFS, or Okta, or another SSO Provider.
  5. Once SSO Authentication is successful, SSOGEN creates the response cookie and http header( JDE_SSO_UID or SSOGEN_USER based on the configuration) for the Web Server.
  6. Web Server would decrypt and read the message and then grants the access to protected /jde URIs.
  7. EnterpriseOne Application identifies the authentication performed by the web server and grant the access by redirecting the user to EnterpriseOne Home Page.

Web Server Install

Install Apache or Oracle HTTP Server Reverse Proxy to talk to EnterpriseOne HTML Server instance

Web Server Proxy

Configure Apache or Oracle HTTP Server Reverse Proxy to proxy all the JDE EnterpriseOne URLs for /JDE.

Enable SSO

Enable SSO at Web Server – Reverse Proxy and Configure SSO in EnterpriseOne and restart services

EnterpriseOne SSO Integration with LDAP Servers

SSOGEN – EnterpriseOne SSO Integration offers multiple authentication options. EnterpriseOne would be SSO enabled with Windows Native Authentication – WNA (a.k.a Kerberos or Desktop Authentication or Zero Touch SSO) or authenticated against most of the popular LDAP Servers in the market today.

EnterpriseOne - Active Directory Authentication

EnterpriseOne - RadiantLogic Authentication

EnterpriseOne - UnboundID Authentication

EnterpriseOne - OpenDS Authentication

EnterpriseOne - OpenDJ Authentication

EnterpriseOne - CA Directory Authentication

EnterpriseOne - IBM Directory Authentication

EnterpriseOne - NetIQ Authentication

EnterpriseOne - OpenLDAP Authentication

EnterpriseOne - SLAPD Authentication

EnterpriseOne - 389 Directory Server Authentication

EnterpriseOne - Apache Directory Authentication

EnterpriseOne - Oracle Unified Directory - OUD Authentication

EnterpriseOne - Oracle Directory Server - ODS Authentication

EnterpriseOne SSO SAML Integrations

EnterpriseOne is capable of integrating with SAML IDP v1, SAML IDP v2, OpenID Providers for Single Sign On. EnterpriseOne SSO would be easily integrated with other SSO Solutions such as Okta, Oracle Identity Cloud Services – IDCS, OneLogin, Azure SSO, Azure ADFS, Microsoft ADFS, PingFederate, Shibboleth, OpenID Providers, and other popular SSO Solutions such as CA Siteminder, IBM Tivoli Access Manager, and Oracle Access Manager, and many more.

JDE EnterpriseOne and Okta SSO Integration

JDE EnterpriseOne and OneLogin SSO Integration

JDE EnterpriseOne and Shibboleth SAML SSO Integration

JDE EnterpriseOne and PingFederate SAML SSO Integration

JDE EnterpriseOne and Oracle Identity Cloud Services – IDCS Integration

JDE EnterpriseOne and Azure ADFS - Azure SSO Integration

JDE EnterpriseOne and Microsoft ADFS Integration

JDE EnterpriseOne and CA Siteminder SSO Integration

JDE EnterpriseOne and IBM Tivoli SSO Integration

JDE EnterpriseOne and NetIQ SSO Integration

SSOgen Unique Benefits

Read more about SSOgen Unique Benefits and more

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Completely Free POC

Contact us to inquire about our free proof of concept for 30 days

Learn More?

Learn more about product features, unique benefits, and cost savings