Re: web single signon

From: Nils O. Selåsdal (noselasd_at_frisurf.no)
Date: 02/20/04

• Next message: E.: "Re: can't renew IP?!"
• Previous message: chi far: "ssh man-in-the-middle learning session"
• In reply to: paul b: "web single signon"
• Next in thread: David Magda: "Re: web single signon"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 20 Feb 2004 08:29:40 GMT

In article <1f716d42.0402190325.5a7e7172@posting.google.com>, paul b wrote:
> Hello,
> I have to develop a web single signon system for a company and perhaps
> someone has already done a similar project.
>
> The goal is that the user will be identified with a certificate,
> stored on an usb-token(eAladdin eToken), and that they only have to
> signon once to be able to use all the company wide wbesites.
>
> We already put in place a certificate server which works fine and
> imagined to store the information which user has access to which sites
> in an LDAP tree, is this a good idea.
>
> I am not really sure how I can now manage the single signon on the
> websites, can someone give me a explanation how this will be managed.
> I saw an example where perl-scripts are running in the back of every
> site and interfacing with the LDAP tree to veryfy the users access
> rights, is this a good idea or are there better possibilities
>
> Thanks in advance
Why not use something like Kerberos ? Its well designed, has single-sign
on capabilities, and be extensible enough to use a token on your usb thingy.
You'll need to actually change the browser though..
There are some sourceforge project that implements the web server side.
IExplorer and IIS already have this capability, though I'm not sure its
compliant with the relevant RFC draft.

• Next message: E.: "Re: can't renew IP?!"
• Previous message: chi far: "ssh man-in-the-middle learning session"
• In reply to: paul b: "web single signon"
• Next in thread: David Magda: "Re: web single signon"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: web single signon ... > I have to develop a web single signon system for a company and perhaps ... > in an LDAP tree, ... on capabilities, and be extensible enough to use a token on your usb thingy. ... (comp.unix.misc) Re: web single signon ... > I have to develop a web single signon system for a company and perhaps ... > in an LDAP tree, ... on capabilities, and be extensible enough to use a token on your usb thingy. ... (comp.unix.programmer) Re: web single signon ... > I have to develop a web single signon system for a company and perhaps ... > in an LDAP tree, ... on capabilities, and be extensible enough to use a token on your usb thingy. ... (comp.security.unix) web single signon ... I have to develop a web single signon system for a company and perhaps ... We already put in place a certificate server which works fine and ... in an LDAP tree, ... site and interfacing with the LDAP tree to veryfy the users access ... (comp.unix.misc) web single signon ... I have to develop a web single signon system for a company and perhaps ... We already put in place a certificate server which works fine and ... in an LDAP tree, ... site and interfacing with the LDAP tree to veryfy the users access ... (comp.unix.programmer)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint