Single sign on components

The concept and the essence of Single Sign-On scenario have been addressed above. Users

can login the portal from NTUH Intranet behind the firewalls. Currently, the

implementations of the SSOS scheme contain Portal Servers, Auth-WS servers, and

Application Servers: e.g. HIS components, Legacy HIS, as well as Outsourcing Systems, as

shown in Figure 2. The servers are configured, in clusters, running under load balancing,

fault tolerance mode.

The Portal Servers consolidate the SSOS, as illustrated in Figure 2 blue arrows, and deliver

users’ identities to the Auth-WS servers as indicated in red arrows. The Auth-WS validates

user’s authentication, authorization and generates an authentication access key for the user.

The Web-session Servers and Win-session Servers execute together to provide the Auth-WS

functionalities. During verifications, the Web-session Servers interact with all other servers,

i.e., Portal Servers, HIS components, Legacy HIS, Outsourcing Systems (depicted in red

arrows) to achieve the SSOS scheme. After SSOS validation, via Portal Server, other servers

can be invoked subsequently, eventually connected to the HIS databases if required.

A Dynamic Healthcare Portal Design and Enhancements 35

Fig. 2. NTUH Single Sign On scheme & execution environment