SSO Authentication Model

New Information

Progress Application Server for OpenEdge : Extending OpenEdge SSO to Web Applications : Programmer’s Guide to SSO Token Handling : SSO Authentication Model

The SSO authentication model for native OpenEdge SSO tokens follows the HTTP BASIC model where a client’s identity is authenticated on each HTTP request. The difference between the two is that HTTP BASIC sends user-id/password authentication on each request and SSO sends an encoded SSO token in each request.

Client request

The HTTP 1.1 format for the request is:

"Authorization : " + token_type + " " + access_token

For OpenEdge, the client request is:

Authorization : oecp b64-oecp-sso-token

HTTP Status Codes

200 indicates success.

401 indicates an SSO authentication failure.

WWW-Authenticate : oecp error=401,
error_description=error-desc
token-error-code

Note: For more information on token-error-code, see SSO Token Error Codes.