I got quite a bit out of this meeting. I wanted to find out more about how single sign-on was being implemented and used. There are two protocols that are generally used, SAML and OpenID. Apparently SAML isn't really used much.
Many of the other approaches seem to use a valve or filter on the server and apply only to the apps on a given server. Another approach is to encode the user ID and password, or other credential, in the cookie and have each app read it and process it, rather than sending the cookie to a service.
How single sign-on relates to Kerberos and LDAP isn't completely clear to me. It seems like these can be used in conjunction with single sign-on or that single sign-on can be built on top of these.
There was also some discussion of Gmail vs. the Microsoft stack and resources that are available for organizations that would like to transition to Gmail. And, of course, there were various other topics discussed, including Lisp and some politics.
Revision: 1.25.
Last modified: 2010/06/18 14:55:47.
webmaster at saclinux.org