sso

Suggestions needed for replacement of Oracle SSO 10g in an 11g environment

We're currently using the SSO component of Oracle 10g App Server to authenticate users on our external / internet facing client "portal" (think similar to online banking) SSO uses Oracle Internet Directory to store it's data, and we've been able to use PL/SQL and Java to access and modify the data held in OID (e.g create/drop users, cha...

Java SSO with GWT: correct procedure?

We're using GWT and currently working on SSO support. My assumption is that we're able to somehow "grab" the user, domain and SSO sessionID from the HTTP request. That would allow us to validate this data against the SSO provider and i.e. grab the group list from there for valid logins. Unfortunately I couldn't find an example nor any o...

PHP Single Sign On (SSO) generating new session id

I am trying to create a single sign on process. The method I have implemented makes use of storing session data in a database. When a new user comes to the website (www.example2.com) a table of authentication is checked. As this is their first visit to the website, there will be no match. The browser is redicted to the authentication ...

Where can I get a one-off server of Active Directory for Developing against?

We're not a windows shop, but one of our products is going to need to optionally integrate with Active Directory - things like SSO etc. I'd really rather not go through the rigamarole of setting up a whole server just to develop against it and then leave it hanging around for testing purposes. Is there a simple cloud-based service wher...

Single-Sign-On ASP.NET MVC

Hi Guys, We are trying to build a cross-domain single-sign on solution using ASP.NET MVC. Any existing solutions or tutorials available ? ...

GlassFish SSO, logout problem

Hi Stackoverflow, I'm developing some J2EE applications that should have common login point. My apps are hosted on GlassFish v3 application server. There is web.xml based security with FORM method (a HTML form with "j_security_check" action) and JDBC Realm on PostgreSQL 8.4 datasource. It worked absolutely fine while GlassFish SSO was ...

how to implement single sign on for asp.net,mysql websites

Hi, I am using mysql database for my asp.net website.I need to implement to single sign on for multiple instances of my website.Currently to check if a user has logged in I am using a user control which checks for a "loggedin" cookie with single instance of the website.Now I need to extend the logic to achieve single signon for multiple...

Is it possible to disable/bypass the login popup caused by mod_auth_ntlm_winbind (Single Sign On) and still get $_SERVER['REMOTE_USER']?

I have an intranet on a remote Web server. This will be integrated with Active Directory on our local server. The web server is running Apache / Linux and the AD server is running Windows 2003. This is all done with VPN. Login to the intranet is conducted in two ways: 1. Users who are logged in to AD to be logged in automatically with S...

Does CAS Support Application Level Impersonation?

I have a PHP application that is successfully authenticating against a CAS server. One of the features supported by the application is impersonation; a user with the appropriate privileges can impersonate another of the application. Generally, this isn't a problem because the app itself can keep track of who the user is impersonating and...

Servlet Session - switch from URL Rewriting to Cookie

Situation: I have a "dumb" Javascript frontend that can contact some kind of SSO middleware (MW). The MW can obtain sessions by issuing requests that contain authentication credentials (username, password). I.e. the session will be created for a certain user. My frontend needs to "restart" the session to gain the user's permissions to t...

Standard Apache (not OHS) with mod_osso for Single Signon

The mod_osso.so (the Apache plugin for Single Signon, provided by Oracle) is distributed with the Oracle HTTP Server (OHS), which is essentially a modified Apache. I am trying to use it on the standard Apache HTTP Server, and have not managed to get it to work. Configuration: Apache 2.2.15 OHS from the Oracle Web Tier Tools 11.1.1.2....

Multiple websites, Single sign-on design

Hi all, I have a question. A client I have been doing some work recently has a range of websites with different login mechanisms. He is looking to slowly migrate to a single sign-on mechanism for his websites (all written in asp.net mvc). I am looking at my options here, so here is a list of requirements: It has to be secure (duh) I...

BPOS Single Sign on

Hi , I want to call BPOS and its functions from another web application. The web application uses the same credentials that I want to use with BPOS. I think BPOS doesnot supports Single Sign On (SSO). Is there any alternative to implement it? ...

Using JBoss Web SingleSignOn with JBoss Seam

Has anyone successfully used JBoss Web SingleSignOn with JBoss Seam, or know if it is possible? I have two web app:s that I would like to share the same login functionality, ie if you sign into one web app you do not need to sign in again when accessing the other web app. Best regards P ...

How to resolve exception that thrown when session.invalidate() called in OC4J (10.1.3.5)?

How to resolve exception that thrown when session.invalidate() called in OC4J (10.1.3.5)? 10/06/22 07:46:39 ERROR: Error during SSO logout 10/06/22 07:46:39 java.lang.UnsupportedOperationException 10/06/22 07:46:39 at oracle.adf.share.DefaultContext.loadEnvironment(ADFContext.java:574) 10/06/22 07:46:39 at oracle.adf.share.A...

Seam security with externally-orchestrated SSO

I have an application deployed on WebLogic 10.3.2 (11g), in which the user logs in through SSO. In other words, if the user is not logged in, he is redirected to SSO, where he logs in, and then is redirected back to the application. The whole redirection takes place by an the Oracle HTTP Server (a modified apache), which makes sure that ...

Sharing a session between Ruby and PHP

Is it possible to share a session between my PHP app on a subdomain and my Ruby apps on my other subdomains? I don't really know where to take it from here. I know I can manually set the domain to the root one so that the cookie is valid for all the subdomains, but how would I get/set stuff from/to the session so that it's shared across...

How can I backup the encryption key for the SharePoint SSO service when the server is a virtual server?

The stupid SSO service only allows local login to the page AND only backing up the key to a removable storage device. When the SharePoint server is a virtual server, any other device does not show up as a removable device through the Remote Desktop "Local Resources" feature (they show up as a network drive). Is there some way to fake t...

How do you query a LDAP from a web application for SSO?

Need to query an LDAP from a .NET app to create a single sign on scenario, is this feasible? ...

Single Sign On widgets

I am developing an application with widgets. To enter the application you need to sign on. The widgets are small apllications already developed that need the same user and password. Therefore I want to implement Single Sign On from the fisrt log on to the widgets. How can I do this? ...