• Post Reply Bookmark Topic Watch Topic
  • New Topic

single sign on with webservices and SAML

 
Manas Ahlaad
Ranch Hand
Posts: 165
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
There was a white paper by sun people named WebSerSingleSignOn2370.pdf ,on achieving single sign on with web services and SAML.
it asks to have a web services at application side and a central web service talks to security server and individual web services and achieves funcationality ... hope you have read that...
now , in this scenario,
1. where will the central web service get user info for authentication ? will it replicate the userinfo on local database ??
2. What if the user information for same user is different in different applications ??

TIA
Manas
 
Manas Ahlaad
Ranch Hand
Posts: 165
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Moderator of this forum,
please see that atleast 60% of questions are answered. I have posted 3 questions .no response
Manas
 
Lasse Koskela
author
Sheriff
Posts: 11962
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
(Disclaimer: I'm not the moderator)
Just how do you think the moderator can affect how the community acts regarding your post? If he doesn't know the answer, there's nothing much he can do (nor should in my opinion).
It would help a bit if you'd locate the mystical article and post a direct URL to it.
 
Manas Ahlaad
Ranch Hand
Posts: 165
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Lasse,
It was not a demanding note . I was requsting
By the way , the url is here
http://java.sun.com/features/2002/05/single-signon.html
Manas
 
Lasse Koskela
author
Sheriff
Posts: 11962
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm not too knowledgeable about SSO but here's my take on your questions after browsing the article.
Originally posted by Manas Ahlaad:
1. where will the central web service get user info for authentication ? will it replicate the userinfo on local database ?

I believe the user information is stored in a single place (the authentication service) and isn't replicated at all. What is not included in this common, shared user info is stored (perhaps redundantly) by each independent service.
I might be wrong but isn't the user supposed to authenticate against the authentication service, which only gives the "target service" a token saying "yes, this user is indeed Manas. And by the way, his street address is this and that." In other words, the user passes some credentials (e.g. username + password), which the service passes on to the authentication service and receives the authentication token.

Originally posted by Manas Ahlaad:
2. What if the user information for same user is different in different applications ??

I believe some SSO products allow a single identity to have different information associated for different services. For example, identity "Manas" could have different credentials for different services (username+password for the intranet, a biometric fingerprint for office access, etc.) and different "metadata" for different services (home address for the company's performance management portal, work address for the staffing portal and no address at all for some third portal).
But, as I said, I'm no expert on SSO.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!