Web Application User Experience
Users log in to Informatica web applications enabled to use SAML-based single sign-on through a security domain containing single sign-on accounts.
When logging in to a web application, the user selects the security domain to log in through on the application login page. Users enabled to use single sign-on select the LDAP security domain containing single sign-on accounts. The user then enters his or her user name and password. The credentials are sent in a SAML authentication request to AD FS, and the user is authenticated.
Subsequent authentication is managed through session cookies set in the web browser during the initial authentication. When authentication is complete, the user can access another Informatica web application configured to use SAML-based sign-on in the same browser session by selecting the LDAP security domain on the application login page. The user does not need to supply a user name or password.
When authentication is complete, the user remains logged in to all Informatica web applications that are running in the same browser session. If AD FS is configured to issue persistent cookies, the user remains logged in after closing and restarting the browser.
However, if the user logs out of an Informatica web application, the user is also logged out of other Informatica web applications running in the same browser session.
Users not enabled to use SAML-based single sign-on select the native security domain on the web application login page, and then provide the user name and password for the native account.