Confirmed users
1,136
edits
Single Sign On: Difference between revisions
Jump to navigation
Jump to search
→FAQ
(→FAQ) |
(→FAQ) |
||
| Line 23: | Line 23: | ||
* '''Q: Why not just use OpenID?''' | * '''Q: Why not just use OpenID?''' | ||
* A: OpenID alone prevents us from implementing such features as global logout and other future features that require a central authentication entity. However, we might at some point allow you to log into *SSO* using your OpenID. | * A: OpenID alone prevents us from implementing such features as global logout and other future features that require a central authentication entity. However, we might at some point allow you to log into *SSO* using your OpenID. | ||
OpenID is an awesome solution for completely open federation. CAS is a good solution for a coordinated cluster of websites under one umbrella. | |||
* '''Q: Why not just use LDAP?''' | * '''Q: Why not just use LDAP?''' | ||
* A: We wanted a simple solution for authentication which can be made available to the | * A: We wanted a simple solution for authentication which can be made available to the community. There are some operational concerns around running a public LDAP server. With CAS, we can whitelist a community app and it can be an un-trusted, but still be a first class user of SSO. LDAP can provide not only authentication, but also authorization and arbitrary attributes (profile). This confuses the purpose of SSO, which currently is *only* authentication. | ||
== Related == | == Related == | ||
* [[MozillaID]] | * [[MozillaID]] | ||