摘要 |
A method and device are provided for integrating single sign-on (SSO) mechanisms in a client/server system using communication according to the standard protocol OPC UA, and for performing SSO for user authentication and authorization in the system. A client is connected to an aggregating server, and the aggregating server is connected to subordinated servers via a communication network. To integrate SSO mechanisms, the aggregating server is provided with an SSO component for mapping user legitimation data used in a service call to identities in the form in which the identities are stored in the subordinate servers. To perform SSO using the SSO component, user legitimation data associated with a service call are used to automatically search for corresponding mapped identities and affected servers, and to call up an active session service for each match in each server via the mapped identity, to establish the desired access to data from the user's service invocation.
|