Thanks to all for the information and details as provided. I would try to explore the various options provided in the discussion. Kindly note that I need to implement it on WAMP as mentioned earlier (Windows, Apache, MySQL and PHP). The one option I may request upon is that does Apache itself does not provide modules / mechanism to implement SSO? Thanks in advance. Regards, Prakash On Mon, Sep 10, 2012 at 8:32 PM, Mark Montague <mark@xxxxxxxxxxx> wrote: > On September 10, 2012 10:03 , Nick Kew <nick@xxxxxxxxxxxx> wrote: >>>> >>>> I need to implement SSO (Single Sign On) for a tool to be launched for >>>> people of our organization only. >>> >>> For true SSO solutions, look at >> >> Any strong reason to prefer those to worldwide initiatives >> such as OpenID/OpenAuth? > > > Mostly because I didn't think of them :) But, now that you've asked: > > My understanding is that most of the following features offered by > cosign/PubCookie/CAS are not offered by OpenID/OpenAuth: > * Centralized Single Log Out. > * Per-site forced reauthentication (e.g., when user's IP address > changes, or when they access a particularly sensitive resource) > * Per-site multi-factor authentication (including hardware tokens, X.509 > client certificates, etc.) > * Idle time outs (require reauthentication after, say, 2 hours of no > pages being requested). > * Hard time outs (require reauthentication, say, every 24 hours or every > week, regardless of activity) > * Credential proxying to back-end services (other web servers, IMAP, > LDAP, databases, etc.) > > Regardless of the above, OpenID/OpenAuth may be a fine choice for the > original poster, depending on his requirements, particularly if he sets up > his own OpenID provider rather than using an external provider such as > Google or Yahoo. > > -- > Mark Montague > mark@xxxxxxxxxxx > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|