1. SSO
To
Go
A
ramble
along
the
pathways
of
Single
Sign
On
modules:
increasing
security
and
simplifying
user
sign-‐up.
Marcus
Deglos
@manarth
hAp://deglos.com/
2. Is
SSO
about?
High-‐tech
security?
Generic
enterprise
image
3. Usability
AAracFng
new
users
SSO
and
IdenFty
Management
Security
10. "ConvenFonal"
SSO
modules
Use
an
independent
idenFty
backend
Can
handle
more
complex
user
profiles
Usually
provide
role-‐integraFon
MicrosoW
Atlassian
AcFve
Directory
Crowd
LDAP
11. Crowd:
delegated
authenFcaFon
Check
credenFals
-‐
username
Crowd
ID
mgr:
-‐
password
server
LDAP/
AD/???
example.com
POST
-‐
username
Logged
in
-‐
password
15. OpenID
and
user
profiling
OpenID
s-‐reg
supports:
Drupal
core
supports:
Nickname
Nickname
Email
Email
Full
name
Date
of
birth
Gender
Postcode
Add
with
Country
hook_openid
Language
Timezone
17. Summary
SSO
for
usability:
Share
credenFals
across
sub-‐domains.
SSO
for
security:
Manage
your
roles
and
users
with
a
dedicated
IdenFty
Management
pla_orm.
SSO
for
a7rac8ng
users:
Make
it
easy
for
visitors
to
become
members.