Posted March 19, 2007on:
Most of the enterprise are moving towards a single sign-on approach or more towards some type of common form of authentication eg Open ID where all the forms of authentication eg- Network,Applications or any other application are done against either LDAP (Light Weight Directory Access Protocol) or ADS(Active Directory Services) if MS.
This is nice sign coz from the administration/management point of view ie., Sys admins,Net admins would have tighter control over their devices/applications etc., For one of our customers,we have implemented authentication against corporate LDAP directory(OID – Oracle Internet Directory) their business is vast,they are multi-national,they are diversified,they operate marines & aviation services across the globe.For all of their operations,they have good IT Team & they manage all of their operations.For each of their resources in each location,are managed in hierarchical directory structure.
Ofcourse there are issues in implementation,take for example the application which is participating in SSO will not store the User ID’s & have to authenticate against a common directory,Applications are expected to handle all types of authentication failure eg: Password expired,User locked,even communication failure.We have gone thro’ all these & user is reaping benefits.
Single sign-on is tough to implement but once implemented its done & reap benefits there after.