sso

OpenID as a Single Sign On option??

I'm just looking for different opinions. Do you consider OpenID a good "Single Sign On" solution? The way it works seems to be a little bit confusing for an average user and there could be problems related to "putting all your eggs in the same basket". Anyway, have anyone tried to implement his own OpenId solution within the context of...

Single Sign On across multiple domains

Our company has multiple domains set up with one website hosted on each of the domains. At this time, each domain has its own authentication which is done via cookies. When someone logged on to one domain needs to access anything from the other, the user needs to log in again using different credentials on the other website, located on...

dotNetNuke/Moodle integration

anyone out there have a moodle module for dotnetnuke, or some kind of integration setup that at least allows SSO? ...

Strategy for single sign on with legacy applications

I'm wondering what strategies people use for reduced sign on with legacy applications and how effective they have found them? We have an ASP.Net based intranet and own a lot of the legacy applications, but not all. We also have BizTalk and are considering the use of it's SSO engine too. ...

How do I get logout to work on RubyCAS-Server?

I have installed and setup RubyCAS-Server and RubyCAS-Client on my machine. Login works perfectly but when I try to logout I get this error message from the RubyCAS-Server: Camping Problem! CASServer::Controllers::Logout.GET ActiveRecord::StatementInvalid Mysql::Error: Unknown column 'username' in 'where clause': SELECT * FROM `casser...

IIS Authentication across servers

My production environment involves a pair of IIS 6 web servers, one running legacy .NET 1.1 applications and the other running .NET 2.0 applications. We cannot install .NET 2.0 alongside 1.1 on the same machine because it is a tightly-regulated 'Validated System' and would present a bureaucratic nightmare to revalidate. Websites on bot...

Getting windows/domain credentials in asp.net while allowing anonymous access in IIS

I have an asp.NET webapplication running in our datacenter in which we want the customer to logon with single sign-on. This would be very easy if we could use the IIS integrated security. However we can't do this. We don't have a trust to the domain controller of the customer. ANd we want to website to be available to the general intern...

SSO in webpages

Hello, I would like to know what's the best technique to do single sign-on in web sites. It means that if you enter in more than one website, you will be authenticated in a "transparent" way. I'm using php + curl to set the cookies for the different sites, but i really would like to know if does exist a standard way to do it. ...

What are some ADFS alternatives for doing single sign on for an ASP.NET app with users in active directory?

Needs to be secure and able to handle thousands of users. ...

How do I get user informations from a session id in ASP.NET ?

Hi, In an asp.net application, i would like to use a webservice to return the username associated with the session id passed as a parameter. We're currently using InProc session store. Is it possible to do this ? Edit: what i'm trying to do is get information about another session than the current one. I'm not trying to get the Sessio...

Which SSO Framework to use?

I've used OpenSSO (which is very powerful but complicated) and JOSSO (very simple but lacking many features). I've also looked at the CAS framework. My question is: What is your recommendation & insights regarding the different SSO frameworks (preferably Java oriented)? ...

BizTalk resolving SSO error "Unable to redeem ticket, no ticket exists in the message"

Hi, I am using Oracle adapter from the BizTalk Adapter Pack (WCF based for BTS 2006 R2). In the configuration of the "solicit-response" send ports, I have used Oracle's username and password to connect to the database. Now I would like to change that and use the SSO. So far I have created the Affiliate application and mapped the BTS Ho...

How do I create a network of sites that understand single sign-on?

I have several sites (Asp.Net) that I would like to have a single sign on for... I would like a user to visit Site1 and have Site1 contact a central single sign-on server (SSS). The SSS would then determine that the user was not logged on (Not sure how) and would redirect the user to a Logon screen (Still on the SSS). If authenticat...

URL Based Authentication Link

What are some good suggestions or resources to look at to help me secure a single click URL based authentication? Essentially, the situation is a third party system which accepts an HTTPS request, through the browser, where you supply authentication information (un, pw, authkey, ect...). The service then, upon authenticating the prov...

SSO between ASP.NET, ASP and PHP

I'm working on a site which is at the core/ master of a number of sites. We are also responsible for handling the authentication across all the sites under the brand banner. The client has wanted a single-sign-on operation to be included, so if I was to sign into any of the sites I would be signed into all the sites. We're handling the ...

SharePoint SSO with a PHP application on a different server?

Hello, I need to implement a SSO between a SharePoint site and a custom PHP-based site wich reside on a different domain. I need to use the SharePoint user accounts to log in the PHP site. (I'll have a full controll over the PHP source) Is this possible? Any tips and tricks? ...

Sun Access Manager

i'm looking to learn about SSO, and heard about Sun Access Manager and openSSO(?) I want to build a small system that does SSO, like have Apache as a front end working with an SSO server. Should I investigate Sun AM and is openSSO a product? Do they offer these free for developers? Thanks ...

Can I abandon an InProc ASP.NET session from a session different than one making the request?

We have an application that does single sign-on using a centralized authentication server (CAS). We'd like to do single sign-out, such that if the user logs out of one application (say a front-end portal), the user is automatically signed out of all applications using the same single sign-on ticket. The expectation would be that each a...

Is OpenID a flawed concept?

I'm not asking about specific implementations, I'm not asking about the global world view of cross site single sign on mechanisms, I just want to know what the community thinks about the underlying usability of OpenID. Do you think using a URL issued by a (to the non-technical observer) random assortment of providers in place of an actua...

How can I share user sessions across multiple domains using Rails?

Is anyone aware of any gems, tutorials, or solutions enabling a user to sign in to a website at one domain and automatically given access to other partner domains in the same session? I have two rails apps running, let's call them App-A and App-B. App-A has a database associated with it, powering the registration and login at App-A.com...