Legacy Single Sign-On Strategy

I’m wondering what strategies people use to reduce their subscription for legacy applications, and how effective they are.

We have an ASP.Net based intranet and there are many old applications, but not all. We also have BizTalk, and we are considering using its SSO engine too.

+3
4 answers

A good trade-off between effort / rework and the convenience of single sign-on is to continue to maintain your list of users, privileges, roles, etc. in an outdated application. Make the necessary changes to automatically register the user in your application based on their user account (usually their Windows or network account).

I am currently launching several applications that use this login method, and this makes them seem more integrated, even if they are not.

Another advantage we discovered is that it prevents users from using passwords for legacy applications. They are much less likely to issue an administrator password, which also gives others access to their email or salary information!

+2
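The approach described in the answer above (keep the legacy application's own list of users and roles, and sign the user in from their Windows account) could look like the following. This is an added example, not code from the thread; the `CORP` domain, the `LegacyUser` type and the mapping table are hypothetical and the data is constructed.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical shape of a row in the legacy application's own user table.
public sealed class LegacyUser
{
    public string LoginName = "";
    public string[] Roles = new string[0];
    public bool Disabled;
}

public static class LegacyAutoLogin
{
    // Constructed sample data: Windows account -> legacy account mapping.
    static readonly Dictionary<string, LegacyUser> Map =
        new Dictionary<string, LegacyUser>(StringComparer.OrdinalIgnoreCase)
        {
            { @"CORP\asmith", new LegacyUser { LoginName = "asmith", Roles = new[] { "Payroll" } } },
            { @"CORP\bjones", new LegacyUser { LoginName = "bjones", Disabled = true } },
        };

    // authenticated / windowsName must come from the server-side identity
    // (HttpContext.User.Identity under IIS Windows Authentication), never from
    // a request header, query string or cookie supplied by the client.
    public static LegacyUser Resolve(bool authenticated, string windowsName)
    {
        if (!authenticated || string.IsNullOrWhiteSpace(windowsName)) return null;
        // Require the expected DOMAIN\user form so that an account with the
        // same short name in another domain or on a local machine cannot match.
        if (!windowsName.StartsWith(@"CORP\", StringComparison.OrdinalIgnoreCase)) return null;
        LegacyUser user;
        if (!Map.TryGetValue(windowsName, out user)) return null; // unmapped: fail closed
        return user.Disabled ? null : user; // the legacy disable flag still applies
    }

    public static void Main()
    {
        foreach (var name in new[] { @"CORP\asmith", @"CORP\bjones", @"OTHER\asmith", @"CORP\nobody" })
        {
            var u = Resolve(true, name);
            Console.WriteLine(name + " -> " +
                (u == null ? "denied" : u.LoginName + " [" + string.Join(",", u.Roles) + "]"));
        }
    }
}
```

Only `CORP\asmith` is signed in; the disabled, foreign-domain and unmapped accounts are all denied, so privileges stay under the control of the legacy application's own records.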

? , - , , MS Identity Lifecycle Manager? , , , . , (, ) ILM, . . .
, biztalk .

+2

( Windows Active Directory).

( ), AD, , . , .

(, , x ID, Windows (-), psuedo .

, , , , , Windows, . , , . .

There are also programs like Citrix XenApp Single Signon that take a completely different approach to the problem.

0

In addition to Jimmy's words about using ILM, this particular system allows you to integrate the AD PCNS service (password change service), which can be used with ILM (ILM "sees" the password change event and can publish it to other consumer applications / services), to ensure that when a user's password is changed in one system, the change is reflected in the others.

0

Source: https://habr.com/ru/post/1696744/