what is SSO
I understand SSO as the one time login for all the applications connected. I would like to know more about SSO and how exactly it is achieved ...
sso
Know of SSO turnkey Appliance with ldap, radius, openid, etc?
I'm helping a typical small company that started with a couple of outsourced systems (google apps, svn/trac). added an internal jabber server (ejabber for mostly iChat clients). subscribes to a couple of webservices (e.g. highrisehq). and has a vpn service provided by a pfsense freebsd firewall. And the net result of all this is that th...
How to open a link from one web app to another already authenticated?
We have one web application (sharepoint) that collects information from disparate sources. We would like to be able to link users to the main websites of those various sources and have them pre-authenticated. I.E. they enter their credentials for the other sources (which are a number of different types LDAP, AD and home grown!) and we re...
Windows Authentication for remote reporting services
I have a ASP.NET web application that I use to display MS reports using a Report Viewer. The reports are sitting on a remote server. I need to use windows authentication to connect to the reporting services, as I need to display the reports based on who is logged on the web application. I've searched on the net for a solution,but couldn...
Using Apache's mod_auth across multiple sub-domains for single sign-on?
I have a domain and a group of sub-domains that require authentication to access. I am currently using mod_auth to authenticate users (mod_auth basic) at the domain.tld level. My goal is for single sign-on between the domain and all the sub-domains. Will these credentials carry on to the sub-domains automatically, or with a simple vhost...
Cross Domain Login - How to login a user automatically when transfered from one domain to another
We have offer a number of online services. We are required to develop a system which provides a quick/simple experience for users if they are transferred from one service (on domain1.com) to another service (on domain2.com). Is there a safe and secure way to automatically login a user automatically once they have been transferred to the...
What is the fate of OpenID?
Google has announced Google Friend Connect, and Facebook has announced Facebook Connect. Both services seek to solve the Single Sign On problem. Since OpenID was created to solve this issue, will it fail against the twin heavyweights of Facebook and Google? ...
Best articles/documentation about OpenID?
What is the recommended read if someone like to be first introduced to OpenID and later go more deeply into details to be prepared for implementation of OpenID based single sign-on? Pointers to some introduction articles for start, then to more thorough documentation and advices are welcome. ...
Passing credentials between sites
I am running two different sites on two different servers with two different domains. One site is running Joomla, the other Moodle. I have configured the Moodle server to base its authentication on the users table on the Joomla site, so we have an authoritative source of user information. What I'd like to do is this: after someone signs...
Example of using AuthType Digest to authenticate a user once across sub-domains?
Hi there. I have a domain that will be accessed by a small, private group of people. So I want to control access via authentication. The domain has a collection of applications installed that each have their own sub-domain. Eg: domain.com, app1.domain.com, app2.domain.com, app3.domain.com I'd love to have a single sign-on solution so ...
How to obtain a kerberos service ticket via GSS-API?
Does anyone know how to get a service ticket from the Key Distribution Center (KDC) using the Java GSS-API? I have a thick-client-application that first authenticates via JAAS using the Krb5LoginModule to fetch the TGT from the ticket cache (background: Windows e.g. uses a kerberos implementation and stores the ticket granting ticket in...
How to seamlessly mix ASP.NET and PHP Web applications
I have two websites, one driven by ASP.NET and the other in PHP. The PHP site is hosted on a relatively inexpensive host provider ('unlimited bandwidth and diskspace for $10 a month). The PHP site also provides REST URLs which would help me in monetizing my website. The other site (the 'main' site, as it were) is an ASP.NET website wh...
PHP Multi site login
I am currently working on a project that spans accross multiple domains. What I want is for the user to be able to login on one site and be logged in on all the others at the same time. The users session is stored in the database, the cookies that I set on each domain contain the session id. So basically when a user logs in to example....
Kerberos Authentification in PHP
Let's just assume that I don't know much about Kerberos - just the basics. I have... Debian Linux 2.6 Webserver Apache 2.2 mod_auth_kerb/5.3 PHP/5.2 a (working) Kerberos Realm Windows Client Firefox 3 an logged in identity "[email protected]" in MIT Network Identity Manager How do I use this information in a PHP script so that...
BizTalk SSO configuration and SQL Error 18456, Severity 14, State 16
Hello, I'm having a major issue trying to configure a new install of BizTalk Server 2006 (not R2). The server had Biztalk installed on it before, and it was working fine. I've uninstalled Biztalk, removed the databases and jobs from the SQL server, which is a separate machine, and reinstalled Biztalk. The install was successfull, wi...
If I want to use MOSS 2007 Single Sign-On, do my users HAVE TO be Active Directory users?
I want to use MOSS 2007's single sign-on feature, but read that the server needs to be in an Active Directory environment. This I understand, but does this mean all my users HAVE TO be Active Directory users? Can I not use MOSS2007 Single Sign-on if my users are authenticated using Forms Authentication (using a custom membership provider...
SSO-plus-SSL and Shibboleth: What options for sites with numerous virtual hosts?
Background: Customer X is a low-budget non-profit outfit that nonetheless has a lot of activity configured on virtual hosts, and the virtual hosts multiply very frequently. Customer X also has a lot of users and is interested in getting them over to a single sign on solution. This way, all the users can use the same credentials on all th...
Login without username and password from the web browser on Windows
I heard that on Windows you can login from a web browser to the web server without going through the usual login entering username and password but using instead the credentials from Windows directly, using the NTLM protocol. How is this achieved? Does the web server need to support some additional authentication? Update: I'm asking f...
OpenSSO or ESOE for .NET?
Does something like OpenSSO (https://opensso.dev.java.net/) or ESOE (http://esoeproject.org/) exist for the .NET platform? ...
SSO Best Practices: What are solutions for unreachable IDP?
Here's something similar to this question on general SSO best-practices. What is the best approach for dealing with a disabled or for-whatever-reason-unreachable central identity provider. If your website allows users to login with their centrally-stored credentials, and the central service is not working or unreachable do you: Allow u...