Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
A password sync (PS) adapter is an application that uses the Password Sync Helper component to pass notifications to and from Enterprise Single Sign-On (SSO). Note that although the PS Helper component exposes a COM and a .NET Framework interface, your adapter does not necessarily have to be a COM component. You can design your adapter as a stand-alone process, a COM+ application, or a Windows service.
To create a password sync adapter
Inform Enterprise Single Sign-On service (ENTSSO) that your provider is active using
ISSOPSWrapper.InitializeAdapter.InitializeAdapterinforms ENTSSO that a provider, usually the same provider that is making the call, is currently turned on, and therefore will be communicating password updates to and from the system. You can also useInitializeAdapterto activate other resources such as group adapters.Send password updates to ENTSSO by using
ISSOPSWrapper.SendNotification.You must determine how you receive password updates from your non-Windows system. After you receive the update, you can pass the information on to ENTSSO using
SendNotification. Note thatSendNotificationis not limited to sending password updates: the architecture ofSendNotificationalso enables you to send other types of notifications.Request password updates from ENTSSO by using
ISSOPSWrapper.ReceiveNotification.Because the password sync adapter is a pull technology, ENTSSO never calls your adapter. Instead, your adapter periodically calls
ReceiveNotificationto see whether any password updates are available. You can choose to set the WAIT flag onReceiveNotification. Setting WAIT blocks the thread until a notification is available.Note that ENTSSO delivers a password change to your adapter in plain text. It is the responsibility of the adapter to protect that password information against incorrect disclosure. It is also the responsibility of the adapter to protect itself against spoofing or attacks from other invalid sources, including spoofing of the Password Sync Helper component.
After you receive a password update from ENTSSO through the
pReceiveNotificationparameter, you must pass this information on to your non-Windows system. As withSendNotification, you must determine the best way to communicate with the remote server.Turn off your adapter using
ISSOPSWrapper.ShutdownAdapter.ShutdownApplicationshould be the last method called by an adapter, and indicates that the adapter will no longer send or receive password updates to ENTSSO.Note that ENTSSO buffers any password changes a user makes while the adapter is shut down, up to a buffer size limit.
See Also
Programming with Enterprise Single Sign-On
Synchronizing Passwords