Customizing Single Sign-On (SSO) through an Out-of-the-box MicroStrategy Portlet

When users access MicroStrategy Web content and functionality through a portlet, single sign-on (SSO) lets them access MicroStrategy Web without having to re-enter credentials. Typically, users first log in to the portal application by manually entering their credentials and are authenticated. Then, when they make a request for MicroStrategy Web content and functionality through a portlet, the credentials needed to authenticate the user to MicroStrategy Web are retrieved using the portal log-in credentials or they are generated programmatically. Next, the portlet uses them to authenticate the user and create a new user session on MicroStrategy Intelligence Server. Finally, the portlet passes the session state, including the session ID, to MicroStrategy Web.

To customize SSO to an out-of-the-box portlet, you need to use anonymous authentication for the MicroStrategy portlet and specify that a custom credentials mapper class should be used. The credentials mapper class passes the credentials at runtime. It can include logic to map or generate these credentials.