single-sign-on

问题 When i try to invoke a WCF service from an asp.net application (RP) which is authenticated by another asp.net application(IP) , I'm getting an error message with content of Login page (It is trying to reach the login page because it could not authenticate the request). Identity Provider : _http://localhost/AuthenticatonWS/Login.aspx Relying party Website : _http://localhost/RPWebsite/Default.aspx WCF Service : _http://localhost/RPWebsite/Service1.svc (In my solution I'm calling service1.svc

问题 We have an SSO system for authenticating users. We have a debate between these 2 options: Should we centralize the authorization of each application to one database (or any other single solution) and retrieve the information within the SSO request Each web application client should manage it's own authorization logic in it's a local database / scheme. 回答1: You should strive to decouple your business logic from non functional requirements such as authentication, logging, and of course

问题 I'm trying to wire our windows client application to use a single-sign-on mechanism. I'm following the explanations that can be found here. I'm already having trouble getting the first step to work, that is, acquiring the Signed On User's Ticket-Granting-Ticket. When running my unit test (code see below), I'm getting the following exception: javax.security.auth.login.LoginException: Unable to obtain Princpal Name for authentication at com.sun.security.auth.module.Krb5LoginModule.promptForName

问题 I am trying to implement SSO for my application. My application currently runs on Tomcat application server, I heard that its not possible to implement SSO (install web agent) on application server rather we need a web server which directs the user to the application (running on application server). Is that right? Can someone confirm? 回答1: It depend what tool / framework you use for SSO. For example, JOSSO supports Tomcat: http://www.josso.org/confluence/display/JOSSO1/Setup+JOSSO+Agent+%28SP

问题 I'm using grails with spring security and the JA-SIG CAS spring security plugin. One way I get this problem is when I have logged into the CAS server and I restart my application. Another way is if I log into another application via the same CAS server and then when I access my application then spring reports me as being logged out. If I try and go to a secured page then the login controller sends the browser into the same redirect loop. I can observer a stream of get requests to the cas

问题 I'm using grails with spring security and the JA-SIG CAS spring security plugin. One way I get this problem is when I have logged into the CAS server and I restart my application. Another way is if I log into another application via the same CAS server and then when I access my application then spring reports me as being logged out. If I try and go to a secured page then the login controller sends the browser into the same redirect loop. I can observer a stream of get requests to the cas

问题 I have written a click-once deployed application in .Net that runs on windows machines. I had a requirement to launch the application from a browser so that I can pass information to the application based on the current browser session (the HTTPHeadercontains a single-sign-on id that needs to be passed to the application so it can call secured web services). So the click-once application is provided as a link on a jsp, and the required id is passed as a querystring parameter in the link,

问题 As per SP initiated SSO flow, User tries to access SP. Since the user is unauthenticated, he is redirected to IDP where he enters his credentials, post successful login, IDP sets cookies in user's browser(under IDP's domain) and redirects the user back to SP with SAML response. Once SP verifies SAML response it creates it's own cookie/token and sets in user's browser under sp's domain. What should ideally happen in subsequent requests : Should SP rely only on it's own cookie to fetch user

问题 Sigle-Sign-On between a 4.0 framework application and a 2.0 framework application seems to be broken. I have an old application built on asp.net framework 2.0 and a new application built on asp.net framework 4.0 and I am attempting configure SSO between the two. I have done all the proper configruation of setting up the same machine key with identical validationKey, decryptionKey, validation, and decryption attributes as well as identical authentication name, domain, protection, and path

问题 I'm currently writing a C# metro app for the Windows 8 consumer preview which fetches some data from my REST-based web services. I want the app to authenticate against the services using the Windows Live account of the current user. Therefore, I added the Windows Live SDK to my solution and pasted the following snippet from the documentation into my login view: LiveAuthClient liveClient = new LiveAuthClient(); LiveLoginResult loginResult = await liveClient.Login(new string[] { "wl.signin" });