public marks

PUBLIC MARKS from nhoizey with tag sso


Official Google Data APIs Blog: Bringing OpenID and OAuth Together

by 2 others
The Hybrid Protocol is a result of the ongoing effort by the OpenID and OAuth communities to make these protocols more useful for users and websites. Google is working together with the OpenID community to standardize the new protocol as a formal OpenID extension.


Questions & réponses sur la fédération du CRU [Comité Réseau des Universités]

Shibboleth ne remplace pas CAS. Shibboleth et CAS ont deux fonctions différentes : CAS offre le SSO pour les applications déployées dans le périmêtre (ou système d'information) d'un établissement, Shibboleth offre le SSO (et la diffusion d'attribut

Getting profile information rather than just authentication

CAS is a Web based local single signon. Shibboleth is a cross-university authentication and attribute system that doesn't have its own local signon. In order to use Shibboleth, you have to first have a local system like CAS.

Legacy Single Sign-On : A Competitive Analysis

Gartner Group indicates that in the year 2000, a full 30% of helpdesk calls were password related. The report went on to suggest that each password reset cost the average company about $32


NTLM HTTP Authentication is insecure by design

This write-up discusses a problem inherent to the situation of a connection-oriented authentication - authorization protocol (e.g. NTLM authentication) used with a proxy server that shares TCP connections among several clients

The NTLM Authentication Protocol

This article seeks to describe NTLM at an intermediate to advanced level of detail, suitable as a reference for implementors.


This is the implementation of an AuthenticationHandler for SPNEGO supports. This Handler support both NTLM and Kerberos. NTLM is disabled by default.

cas-fr - Re: [cas-fr] SSO/CAS authentification sur plusieurs attributs

L'authentification X509 est opérationnelle (mais pas forcément très bien packagée), elle sera normalement dans CAS 3.0.6. On y trouvera également Radius et SPNEGO (donc NTLM).

Main Articles: 'OpenID: Decentralised Single Sign-on for the Web', Ariadne Issue 51

OpenID is a single sign-on system for the Internet which puts people in charge. OpenID is a user-centric technology which allows a person to have control over how their Identity is both managed and used online.

ESUP Portail

Permet de CASsifier la partie publique de SPIP. Son accès est alors restreint à une catégorie de personnels. Les autorisations proviennent de l'annuaire LDAP. L’accès à la partie d'administration et de création d’article peut-lui aussi être CAS


Shibboleth Project - Internet2 Middleware

by 3 others (via)
Shibboleth is standards-based, open source middleware software which provides Web Single SignOn (SSO) across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.


CAS (Central Authentication Service)

by 2 others (via)
Yale University ITS Technology & Planning : CentralAuthenticationService


by 1 other (via)
a PHP client library for CAS (Central Authentication Service)

Lasso - Liberty Alliance Single Sign On

by 2 others (via)
Lasso is a free software C library aiming to implement the Liberty Alliance standards; it defines processes for federated identities, single sign-on and related protocols. Lasso is built on top of libxml2, XMLSec and OpenSSL and is licensed under the GNU General Public License (with an OpenSSL exception).