Web SSO solution that's easy to implement?

views:

425

answers:

Web SSO solution that's easy to implement?

I'm looking at a SSO (Single Sign On) solution to fit our relatively simple use case.

Website1 - currently authenticates with database user table.
Website 2 [new] - wants to use the same authentication information and when user clicks link to website1 they shouldn't have to re-login.

Website1 is J2EE based running on Websphere. Website 2 is .Net based hosted by external company.

Ideally looking to keep the current user table as the user directory and have time out of session across applications and password expiry.

Any suggestions on 'simple' SSO solution, trying to justify it against rolling our own.

If you can run both services under Apache, this worth a look: http://www.openfusion.com.au/labs/mod_auth_tkt/

Aleksei Potov 2009-11-03 11:57:21

+2 A:

I used the Central Authentication Service project (CAS) on a couple of projects. It was simple, easy to grasp and implement as of version 1.x.

CAS is an authentication system originally created by Yale University but now part of the Jasig Community.

Jasig Community CAS homepage

DeveloperWorks article on CAS from 2003

Niels Castle 2009-11-03 12:22:42

I am sure below solution will meet your expectation.

http://webmoli.com/2009/08/29/single-sign-on-in-java-platform/

Venkat 2009-11-15 05:36:16

A slightly more general solution that is very popular these days is OpenID. You can use your user table as an OpenID provider, and set up all your websites as OpenID consumers.

Benefits:

Simple
Widely used
Extensible, later you can allow more providers or add more consumers
Implementations in many languages

Adam Goode 2009-11-15 05:47:04

ansaurus

tags:

views:

answers:

Web SSO solution that's easy to implement?

related questions