Thanks to all for the information and details as provided.
I would try to explore the various options provided in the discussion.
Kindly note that I need to implement it on WAMP as mentioned earlier
(Windows, Apache, MySQL and PHP).
The one option I may request upon is that does Apache itself does not
provide modules / mechanism to implement SSO?
Thanks in advance.
Regards,
Prakash
On Mon, Sep 10, 2012 at 8:32 PM, Mark Montague <mark@xxxxxxxxxxx> wrote:
> On September 10, 2012 10:03 , Nick Kew <nick@xxxxxxxxxxxx> wrote:
>>>>
>>>> I need to implement SSO (Single Sign On) for a tool to be launched for
>>>> people of our organization only.
>>>
>>> For true SSO solutions, look at
>>
>> Any strong reason to prefer those to worldwide initiatives
>> such as OpenID/OpenAuth?
>
>
> Mostly because I didn't think of them :) But, now that you've asked:
>
> My understanding is that most of the following features offered by
> cosign/PubCookie/CAS are not offered by OpenID/OpenAuth:
> * Centralized Single Log Out.
> * Per-site forced reauthentication (e.g., when user's IP address
> changes, or when they access a particularly sensitive resource)
> * Per-site multi-factor authentication (including hardware tokens, X.509
> client certificates, etc.)
> * Idle time outs (require reauthentication after, say, 2 hours of no
> pages being requested).
> * Hard time outs (require reauthentication, say, every 24 hours or every
> week, regardless of activity)
> * Credential proxying to back-end services (other web servers, IMAP,
> LDAP, databases, etc.)
>
> Regardless of the above, OpenID/OpenAuth may be a fine choice for the
> original poster, depending on his requirements, particularly if he sets up
> his own OpenID provider rather than using an external provider such as
> Google or Yahoo.
>
> --
> Mark Montague
> mark@xxxxxxxxxxx
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|