Today’s post is about SSOFI (Single Sign-On Federated Identity) which is an open source project that unloads some of the more challenging issues from the application. Log in once, and then use any number of applications. The server is fast, lightweight, and easy to deploy. Continue reading
Category Archives: OAuth
SSO Much Fun: Identity Update
OpenID is slowly slowly gaining adoption. Here is a list of resources relevant to cloud identity, authentication, and authorization.
Identity Update: Browsers with OpenID?
For about a year I have been pushing OpenID and OAuth as a key component to a large scale “Social Process” system (see posts here, here, and here). In the past year I have tested these ideas with a project called “Process Leaves” which is essentially a wiki which supports a couple of non-profit organizations I volunteer with. In order to access the protected content, you must log in with an OpenId. Yet there is still a problem. Continue reading
REST assured, OAuth security
I have been investigating REST oriented workflow in a secure environment for the past couple of months. I covered OpenID a few months ago which is perfect for allowing for a kind of single sign on (SSO) in a web 2.0 environment without giving any service your password. Signing on to services is important, but how do you get a service to talk to another service, without giving one of them your password? Continue reading