Passport Single Sign-In Process

The Passport Single Sign-In (SSI) process takes place in the following sequence:

1. Page request. The user attempts to access a page for which Passport is required, or clicks the “Passport sign in” icon.

2. Check for site cookies. The Passport Manager (a server-side COM object) looks for a set of Passport-related cookies placed by the site (“site cookies”) on the user’s machine. Site cookies are readable only by the participating site, and will be present only if the user has already been authenticated by that site. There are two types of site cookies:

• Authentication credential cookie. This contains a Password User ID (PUID) with time stamps for when the user’s current Passport session began and when the user last signed in. Sites can set parameters so that this cookie becomes “stale” if the user has not been authenticated within a certain time period. Sites can also mandate that the user sign in manually the first time they access the site, even if they’ve already signed in to Passport