Applied Crypto
Hassle free single sign-on integrated with your enterprise windows domain Online Users: 8
(c) copyright
appliedcrypto.com
  Home Products Support  
Articles
References
Why SPNEGO?

Why SPNEGO?

Single Sign-on (SSO) is one of the how terms of the corporate world at the moment. But a lot of organizations do not take advantage of new technology. As a consequence, the corporate LAN users are left with the fight to remember 10's of userid/passwords, each set of credentials logging into a system with a defined set of access rights. The result is yellow post-it's attached on the screen with userid/passwords, same simple password on all systems etc., all compromizing security.

SPNEGO SSO But it does not have to be like that? In a corporate Windows world, technology exists for using your Windows login token to seamlessly login in to your back-end applications. Using Kerberos and SPNEGO, and mapping the Windows userid to your business application userid, relying strictly on the access model of each business application.

Think about it: How many logins each day could be avoided, time spent on creating business value instead?

Does your systems provide your customers SSO integration to their business systems? Or does it force each user to login a second, third or fourth time with a special Siebel set of login credentials? Otherwise, it could be avoided using Kerberos & SPNEGO letting your customers take advantage of new technology.

How?

SPNEGO ServletFilter

The servlet filter can be used for programmatic security, like portal frameworks or custom security models.

Supported platforms: WebLogic 8.1, WebSphere 5.0.2, 5.1, 6.0 and Tomcat 4.x, 5.0.x, 5.5.x, 6.x and other servlet engines running on either SUN JDK 1.4.x+ or IBM JDK 1.4.1+

WebSphere 5.0.2, 5.1, 6.0 security plugin

This security plugin is installed in the HTTP engine, protecting all HTTP access to all deployed applications. This is usefull in situations where applications can or should not be away of how authentication was handled

Tomcat 4.x+, 5.0.x, 5.5.x, 6.x security plugins

Authenticator Valve and Realm handles both authentication and authorization. Supports Active Directory domain forest (domain trees), with authorization towards multiple Active Directory LDAP's

JBoss 4 security plugins

Authenticator Valve and JAAS plugin handles both authentication and authorization. Supports Active Directory domain forest (domain trees), with authorization towards multiple Active Directory LDAP's

SPNEGO reverse proxy for Tomcat

The reverse proxy adds SPNEGO authentication to non JGSS JDK's including non java based web servers.

(c) copyright appliedcrypto.com AppliedCrypto News RSS feed