SSO To go

  • 910 views
Uploaded on

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
910
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
6
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. SSO  To  Go   A  ramble  along  the  pathways  of   Single  Sign  On  modules:  increasing  security  and  simplifying  user  sign-­‐up.   Marcus  Deglos   @manarth   hAp://deglos.com/  
  • 2. Is  SSO  about?  High-­‐tech  security?   Generic  enterprise  image  
  • 3. Usability   AAracFng   new  users   SSO   and   IdenFty   Management   Security  
  • 4. Usability  and  Drupal.org  api.drupal.org   drupal.org   groups.drupal.org  
  • 5. Bakery:  a  shared  cookie  soluFon   example.com   foo.example.com  POST   SET  COOKIE  -­‐  username   Chocolate  chip  -­‐  password  
  • 6. Bakery:  a  shared  cookie  soluFon   example.com   foo.example.com   Request  a/c   HTTP  request   COOKIE   Chocolate  chip  
  • 7. Bakery:  a  shared  cookie  soluFon   Responds  with   example.com   a/c  details   foo.example.com   Request  a/c   HTTP  request   COOKIE   Logged  in   Chocolate  chip  
  • 8. Bakery  is  good  for:  BeAer  usability  with:   MulFple  Drupal  sites   Same  domain   Simple  (no)  user  profiles  
  • 9. SSO  and  Security   Clichéd  security  icon  here  
  • 10. "ConvenFonal"  SSO  modules    Use  an  independent  idenFty  backend    Can  handle  more  complex  user  profiles    Usually  provide  role-­‐integraFon   MicrosoW   Atlassian  AcFve  Directory   Crowd   LDAP  
  • 11. Crowd:  delegated  authenFcaFon   Check  credenFals   -­‐  username   Crowd   ID  mgr:   -­‐  password   server   LDAP/ AD/???   example.com  POST  -­‐  username   Logged  in  -­‐  password  
  • 12. Security  best  pracFce   SSO  can  help  you   manage   and   review   your   admin   accounts  
  • 13. Users:  GoAa  catch  em  all!   Copyrighted  image   cant  go  here.  
  • 14. CollecFng  users:  making  signup  easy   facebook  
  • 15. OpenID  and  user  profiling  OpenID  s-­‐reg  supports:   Drupal  core  supports:   Nickname    Nickname   Email    Email   Full  name   Date  of  birth   Gender   Postcode   Add  with   Country   hook_openid   Language   Timezone  
  • 16. OpenID,  TwiAer,  FBconnect   Can  aAract  users  by:    Simplifying  user-­‐signup    Sharing  profiling   informaFon  
  • 17. Summary   SSO  for  usability:   Share  credenFals  across  sub-­‐domains.   SSO  for  security:   Manage  your  roles  and  users  with  a  dedicated   IdenFty  Management  pla_orm.   SSO  for  a7rac8ng  users:   Make  it  easy  for  visitors  to  become  members.