single-signon with X.509 certificates

From: paul b (bisibis_at_pt.lu)
Date: 01/29/04


Date: 29 Jan 2004 11:10:12 -0800

Hello,
I need some help for a single signon system that I have to develop for
a society during the next few months.
The system has to work in the following way:
The users have to do a single authentication against the system using
an X.509 certificate stored on a USB token. Once this authentication
is correct, they will get access to some proprietary applications. All
the security has to lie thus on the certificates.

We already thought about some solutions, and perhaps someone has
implemented a similar system and can tell me what's the best solution:
- One possibility that we discussed was to use X.509 attribute
certificates and to store the user rights in the certificate itself.

- We also thought about storing the information in the LDAP directory
and interfacing the applications directly with the LDAP tree so
that the authentication is done once against the LDAP system and then
the rights are read from the tree each time the user accesses an
application. Is this possible??

Perhaps someone can tell me how to proceed or give me a totally
new (and easier ;-)) idea to implement such a single signon system.

Thanx
P.B.
