Axton, We have IIS currently doing a SSO with a custom web application. Reading Remedy's white paper on building the bridge via java and c++, it didn't look like it was going to be an easy process to build the code to get the credentials from IIS. If you have any examples or links to follow up on this, I would really appreciate it. Thanks to everyone who wrote back.
Jason On Tue, 10 Oct 2006 21:28:21 -0400, Axton <[EMAIL PROTECTED]> wrote: >It all depends on your level of trust for the method of >authentication. If you trust that IIS can properly retrieve the >user's information, then you can write an SSO solution for that >environment, granted all your target users are in an M$ domain and run >an M$ OS. > >If this is not the case, you will need to find an alternative. >PKI/Smartcards have been discussed extensively, though I'm not sure if >a solution has been developed (maybe someone in that arena could share >what type of infrastructure/software they use for that type of >authentication, then again, maybe not). > >From my observations, SSO solutions typically have a server component >that resides on the web server. Certain areas of the web server can >then be marked as protected, where authentication is required for >users to access that portion of the site. The SSO session is >established the first time a user authenticates to an SSO protected >site and those credentials persist for all/any access across other >sites that are protected using the same server side SSO software. The >session persistence is accomplished by storing some session >information on the SSO policy server, and that is >cross-referenced/autheticated using a client-side cookie. > >For some free (some maybe not so free) alternatives: >http://www.josso.org/ >http://www3.ca.com/solutions/Product.aspx?ID=166 >https://opensso.dev.java.net/ > >Axton Grams > >On 9/25/06, Jason Tuomy <[EMAIL PROTECTED]> wrote: >> I'm looking to implement a Single Sign On via mid-tier. I searched the >> archives but couldn't find any details. My customer is wanting to be able >> to point a user to the mid-tier and get them past the authentication >> without requiring the user to login. >> >> This would mean to somehow get their login and password credentials from >> their windows environment or something and pass it to the mid-tier and set >> the user directly to where they need to be. >> >> I found that there are plenty of SSO software out there that will get some >> form of this data and put it into some kind of HTTP token that I could >> then retrieve (via White Paper) and pass to mid-tier. >> >> I was wondering if I have to have SSO software or is there some way to do >> this without purchasing software. Again, my customer doesn't want to have >> the user do a login/password process to get to mid-tier. So, using LDAP >> doesn't seem to be the right process. Unless I can retrive the password >> and store it locally. >> >> Any help would be greatly appreciated. Thanks. >> Jason Tuomy >> >> ___________________________________________________________________________ ____ >> UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org >> > >__________________________________________________________________________ _____ >UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org >========================================================================= _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org