All geek questions in one place

Optimal single sign-on for internal enterprise web applications

As I am sure many companies do / want to do, my one is studying the introduction of a single solution for all of its internal web applications.

All company users have an AD account, and thus authentication will be performed through Active Directory.

However, many users use Unix, and many Windows users do not use IE, so integrated Windows authentication is less than ideal.

Before we collapse our own, I have to believe that this is a very common problem, and that they are excellent (I hope, free and open) solutions for creating a single sign on the provider and its client interfaces.

Although less important, I would prefer solutions to be .Net; however, if the standard is something else, let me know about it.

Thanks!

+3
source share
1 answer

I would recommend Kerberos. It is very safe and works with all the systems you mentioned without writing code.

For example, AD itself is Kerberos KDC. On Unix systems, you can configure AD,

http://www.cromwell-intl.com/unix/kerberos.html

For browsers, IE supports SPNEGO, which can also interact with AD,

http://msdn.microsoft.com/en-us/library/ms995329.aspx

+1
source

Source: https://habr.com/ru/post/1716916/

More articles:


All Articles