
Single Sign On

Single Sign On is a Web Services based solution that can integrate technologies like Java, .NET, PHP, and Lotus Notes. It is easily distributable and sets no limits on the Directory Size.

This paper describes the web-based single sign-on solution, which is built primarily on Java and allows applications built with Java, .NET, PHP, Perl, etc. to participate in Single Sign On.

This proposed solution focuses on authenticating users against a Domino Directory Server via the Lightweight Third-Party Authentication (LTPA) token generated by the Domino Server. The LTPA token generated by the Domino Directory Server is set as a browser cookie which facilitates the single sign on process for all the participating web applications.

The Problem Statement

We at CSS Corp had a bunch of internal applications. Each of the applications was unique, either business-wise or technology-wise. A few were Lotus Notes based, a few Java based, a few .NET based, and a few PHP based. Each application was managing authentication on its own by replicating data from a single centralized Domino Directory Server. Now the plan was to provide a Single Sign On solution to all these applications via the centralized Domino Directory Server.

The Solution

Given the problem statement, and knowing that the authentication has to happen via the Domino Directory Server, the two questions that instantly came to our minds were:

  • Who is going to maintain the user session?
  • How is it going to be implemented?

We knew that answering these two would give us the needed insight into the actual problem. We started answering the above two…

Answer 1: Knowing that this would be a Single Sign On solution for hetero-technology based applications, there is NO point in an App Server. Hence, the session should be handled only by the Directory Server. We knew that was possible.

Answer 2: The Domino Directory Server usually creates a Lightweight Third-Party Authentication token (LTPA token) when a new user session is created. Thus, it was decided that the nucleus for the total solution would be the LTPA token.
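How a participating application might check the token it receives in the cookie, as an added example that is not code from the original paper or from CSS Corp's tool. It assumes the commonly documented Domino LTPA layout (4-byte version marker, two 8-character hex timestamps, user name, SHA-1 digest over the preceding bytes plus a shared secret); the function names, the secret, and the UTF-8 user-name encoding are hypothetical.

```python
import base64
import hashlib
import hmac
import time

HEADER = b"\x00\x01\x02\x03"  # assumed version marker at the start of the token
DIGEST_LEN = 20               # SHA-1 digest size in bytes


class TokenError(Exception):
    """Raised when a token must be rejected."""


def make_token(user, secret, created, expires):
    """Build a constructed sample token in the assumed layout (fixture only)."""
    body = HEADER + b"%08x" % created + b"%08x" % expires + user.encode("utf-8")
    return base64.b64encode(body + hashlib.sha1(body + secret).digest()).decode()


def validate_token(cookie_value, secret, now=None):
    """Return the user name carried by the token, or raise TokenError."""
    now = time.time() if now is None else now
    try:
        raw = base64.b64decode(cookie_value, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise TokenError("not valid base64") from exc
    # Need header + two timestamps + at least one user byte + digest.
    if len(raw) <= 20 + DIGEST_LEN or raw[:4] != HEADER:
        raise TokenError("malformed token")
    body, digest = raw[:-DIGEST_LEN], raw[-DIGEST_LEN:]
    expected = hashlib.sha1(body + secret).digest()
    # Verify integrity before trusting any field; constant-time comparison.
    if not hmac.compare_digest(digest, expected):
        raise TokenError("digest mismatch")
    try:
        created = int(body[4:12].decode("ascii"), 16)
        expires = int(body[12:20].decode("ascii"), 16)
        user = body[20:].decode("utf-8")  # encoding is an assumption
    except ValueError as exc:
        raise TokenError("bad field encoding") from exc
    if not created <= now < expires:
        raise TokenError("token outside its validity window")
    return user
```

Every participating application needs the same shared secret the directory server signs with, so it has to be provisioned and protected as a credential in each of them.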

Now quickly putting the proposed Web based Single Sign On solution on a high level architecture, it would look like:

To know more about this tool, please mail us at: cssinnovations@csscorp.com