How does Single Sign-on (SSO) authentication work?

All about Trusted sign-on or Multi-Domain Security

About

Single Sign-On (SSO, trusted sign-on) is the ability:

  • to require a user to sign once
  • and gain access to different applications.

SSO is also known as:

  • as Trusted sign-on
  • or Multi-Domain Security

Characteristics

Flow

Single sign-on (sso) is conceptually pretty simple 1).

If you know the oauth flows, it's basically a indirect oauth flow, where the authorization point sets its own session cookie.

In this flow, there are:

  • The sso server, sso.com
  • and two applications:
    • domain1.com
    • domain2.com

Login on domain1.com

Login on domain1.com

Next, log in on domain2

  • User hits domain2.com and redirects to sso.com
  • sso.com already has a cookie for the user, so does not present the login page
  • sso.com redirects back to domain2.com with the encrypted information
  • domain2.com logs in the user.





Discover More
Kerberos

is a authentication/authorization protcol using secret-key cryptography It allows single-sign-on system, which means that you have to type your password only once per session where does the authentication...
Wna Sso Kerberos Weblogic
OBIEE 11G - SSO Authentication with Windows Native Authentication (WNA)

This article will go through an SSO Authentication with Windows Native Authentication (WNA) and kerberos Weblogic is on a Unix machines A Windows 2000 (or later release) Server domain...
Obiee Nid
Obiee - The nQuireID ( Authentication nqid )

Passing the nQuireID in the Go Url pull the authentication out and replace the need to pass credential (login/password) to authenticate (ie, like SSO or trusted sign on). In the cookie, the available...
Public Key Crypto Pair Key Creation
Public Key Authentication

Public key authentication is a asymmetric authentication method where the public keys are used as authentication credential for: automated processes implementing for instance single sign-on The...
Ssh Agent Key Connection Putty
SSH - Agent Forwarding (Forward Key)

agent forwarding is a mechanism whereby an SSH client allows an SSH server to use the local agent on the server, the user logs into, as if it was local there. We say that the private key is forwarded...
Security - Security Assertion Markup Language (SAML)

The Security Assertion Markup Language (SAML) standard is a XML token framework for creating, requesting, and exchanging security assertions between software entities on the Web. This framework specifies...
What is the SameSite Cookie property? First-Party and third-party cookie control

What is the SameSite Cookie property? First-Party and third-party cookie control samesite is a cookie property that controls if a cookie should be sent along in a cross-site HTTP request ie: when...
Public Key Crypto Pair Key Creation
What is Sender authentication ? (Public Key Authentication based, Certificate-based in Cryptography)

Sender Authentication is based on the digital signature. If you can decrypt the signature successfully, it proves that the message come from: a particular sender or group There is three type of...



Share this page:
Follow us:
Task Runner