try mod_auth_tkt On Tue, Sep 11, 2012 at 11:46 AM, Satya Prakash Prasad < satyaprakash.pra...@gmail.com> wrote:
> Thanks to all for the information and details as provided. > > I would try to explore the various options provided in the discussion. > Kindly note that I need to implement it on WAMP as mentioned earlier > (Windows, Apache, MySQL and PHP). > > The one option I may request upon is that does Apache itself does not > provide modules / mechanism to implement SSO? > > Thanks in advance. > > Regards, > Prakash > > > On Mon, Sep 10, 2012 at 8:32 PM, Mark Montague <m...@catseye.org> wrote: > > On September 10, 2012 10:03 , Nick Kew <n...@webthing.com> wrote: > >>>> > >>>> I need to implement SSO (Single Sign On) for a tool to be launched for > >>>> people of our organization only. > >>> > >>> For true SSO solutions, look at > >> > >> Any strong reason to prefer those to worldwide initiatives > >> such as OpenID/OpenAuth? > > > > > > Mostly because I didn't think of them :) But, now that you've asked: > > > > My understanding is that most of the following features offered by > > cosign/PubCookie/CAS are not offered by OpenID/OpenAuth: > > * Centralized Single Log Out. > > * Per-site forced reauthentication (e.g., when user's IP address > > changes, or when they access a particularly sensitive resource) > > * Per-site multi-factor authentication (including hardware tokens, > X.509 > > client certificates, etc.) > > * Idle time outs (require reauthentication after, say, 2 hours of no > > pages being requested). > > * Hard time outs (require reauthentication, say, every 24 hours or > every > > week, regardless of activity) > > * Credential proxying to back-end services (other web servers, IMAP, > > LDAP, databases, etc.) > > > > Regardless of the above, OpenID/OpenAuth may be a fine choice for the > > original poster, depending on his requirements, particularly if he sets > up > > his own OpenID provider rather than using an external provider such as > > Google or Yahoo. > > > > -- > > Mark Montague > > m...@catseye.org > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > > For additional commands, e-mail: users-h...@httpd.apache.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >