A Walk Through SSO - Tuesday, April 30, 2013

  • By Kushlani De Silva
  • 30 Apr, 2013

Username/password based authentication is a successful security mechanism as it is simple, straightforward and serves its key purpose. As the internet evolves, more and more applications are added to the web with billions of users around the world using it for business, educational and personal requirements.

This let to username/password based authentication became an anti-pattern as it introduced many issues:

  • Every service provider had to maintain username/ password of their users in their own databases.
  • Users were having difficulty in remembering multiple username and passwords as they were using multiple web applications.
  • Using the same username/password pair for all the applications they use. Leaking this credential to vulnerable or malicious web application left the user’s identity vulnerable.

Single Sign On (SSO) systems were introduced to respond to the the above challenges. Some of the characteristics of SSO are

  • Identity is managed in one place only (Identity Provider).
  • Users are authenticated only at the Identity Provider.
  • Service providers trust the assertions issued by the Identity Provider.
  • Service Providers allow or deny access based on the assertions issued by the identity provider.

Not only do Single Sign On systems address the authentication problem but it makes way for the enablement of rich features such as Identity Delegation, Identity Federation etc.

Join Suresh Attanayake on this webinar as he discusses how Single Sign On systems solve the identity problems, what are the available technologies and discusses some solution patterns.

Suresh Attanayake Software Engineer Suresh joined WSO2 as a Software Engineer in 2011 and is currently a part of the WSO2 Identity Server team. Passionate about web application and web services security, Suresh did his first security implementation, a SAML based SSO system while he was an intern at WSO2 in 2010.
Presentation Slides
Webinar Recording