Single Sign On Software

author-dp

by Sam Sundhar
on December 09, 2017

The Problem

The IT Consumerization wave brought into our work lives, a plethora of apps such as email, productivity suites (such as G-suite), Apps (such as Evernote, Box etc.), CRM tools, ERP tools, HRMs and 1000s of other such applications.

Problem

This has also brought along with it, a flurry of usernames and passwords thereby leaving the end-user completely at sea. How do you effectively manage and use these applications since the lifeline of your business depends heavily on these tools? How do you avoid getting into this relentless cycle of forgetting and resetting a dozen passwords a day? Single Sign-On is something you should seriously consider.

What is "Single Sign-On"?

Single Sign-On (also known as SSO) helps a user gain access to multiple applications through an authentication process that uses just a single set of credentials. It enables single-click access to a whole lot of applications thereby mitigating the need to remember an endless list of usernames and passwords. It not only shortens the time to get started with these apps with just a click of single button but also has a whole lot of security benefits from an organizational standpoint.

How does Single Sign-On work?

The Single Sign-On service authenticates the end user for the multiple applications that the user has access to and eliminates any further triggers when the user switches to different applications in the same session.

Problem

There are 3 basic elements that constitute the Single Sign-On mechanism namely, the central Server, the Applications, the cookie. Applications place their trust on a Central Server and each time a user tries to login, a cookie is set on the Central Server. At subsequent attempts to login to other applications, the set cookie comes into play thereby avoiding the need for authentication one additional time, redirecting the user to the application he/she intends to use. This chain reaction continues until the Application is configured to trust the Central Server.

SSO in Higher-Education

SSO in HealthCare

SSO in Hospitality

SSO in Retail

LET’S TALK TECH!

SSO and SAML:

Security Assertion Markup Language is a protocol that Single Sign-On uses. Security Assertion Markup Language (SAML) is an XML standard for exchanging single sign-on information between an identity provider (IdP) which asserts the user identity and a service provider (SP) who consumes the user identity information.

Google’s logging in procedure where logging into Google account automatically logs you into other Google applications such as Google Plus, Google Maps, Gmail and YouTube is a brilliant example of Single Sign-On.

Where’s my SSO?

On-Premise:
On-Premise Single Sign-On requires high cost of personnel to deploy the system along with long hours spent on troubleshooting and debugging applications.

Cloud:
Cloud Identity and Access Management services let you login once to access all the services making it convenient for IT to give permission to end users to access cloud services.

Hybrid:
Hybrid Single Sign-On uses one directory (whether it's AD or cloud-based Google directory) for one half of the organization and Cloud directory for the other half. This lessens the change made in the directory and gives space to the IT management.

Some open source Single Sign-On solutions

Josso
JOSSO is an open source identity and access management solution focused on streamlining implementations through a visual modeling and generative approach. Founded in 2004, it is used by around 4,000 organizations worldwide.

Keycloak
Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code.

Gluu
The Gluu Server is free open source software and can be deployed in production for free! The Gluu Server can be configured to achieve single sign-on to any SAML 2.0 or OpenID Connect protected application.

OpenAM
OpenAM is an open source access management, entitlements and federation server platform. It is sponsored by ForgeRock. OpenAM originated as OpenSSO, an access management system created by Sun Microsystems and now owned by Oracle Corporation. OpenAM is a fork which was initiated following Oracle's purchase of Sun.

A word of Caution:

An Open Source Single sign-on may not have a promising product lifecycle and even though it’s free, the custom configuration and deploitation are not. Also, when it comes to Troubleshooting, you are on your own.

Author
...

Sam Sundhar

Sam Sundhar is the VP - Marketing of QuickLaunch and has 8+ years of experience in SaaS Product Marketing.

YOU MIGHT ALSO LIKE...

image

Why Is It Important for a SSO to be Self-Service?

Some SSO are self-serviceable, others require consultants. Let’s talk about the Self-Service feature of a Single Sign-On today.

image

Keep your Applications and Data Handy with the Highly Available Cloud

Cloud-based SSO can be accessed from anywhere via internet connection. Everything is moving on cloud and a cloud-based Single-Sign On solution is no more an option but the need of the hour.

image

7 Features to Look for While Choosing SSO Software

What will be your selection criteria so that you get the best one to suit the needs of your organization?