Appendix B: Security : Single Sign-On : Use Case 4
Use Case 4
This use case involves the scheduling of long-lived tasks and is referred to as delegation and renew. Some long running operations in the infrastructure require execution of long running tasks in the absence of the end user who initiated them. The SSO server supports such tasks by means of delegated and renewable tokens.
After a long running task is identified, the UI obtains a delegated and renewable token from the SSO server. It then passes the token to the solution, which performs the long running task. The solution persists the token in a non-secured way, as the token is self-secured. Every time the task is activated, the solution reads the token from the disk and makes a request to the SSO server to renew it. The user is not deleted from the system during this process.
Figure 66. Scheduling Long-Lived Tasks