Single Sign On

Every website is made for the purpose of collecting information about user and to provide the service to the user according to their needs. Presently there are about 15 billion website on the internet and they are growing daily. So, if you surf any website and want to get the information from website then you have to register with them and for registration you have to fill up the form. So, if you visit 100 website and want to have information then you have to register with 100 websites and fill 100 forms and remember 100 user names and 100 passwords. The management of passwords and user names is the headache for the user, how can a person remember 100 different user name and 100 different password. To help the users not to remember the 100 user-names and 100 passwords the service of Single Sign on (SSO) comes into existence. So, we can say that:

Single sign-on (SSO) session/user authentication process that permits a user to enter one name and password in order to access multiple applications. The process authenticates the user for all the applications they have been given rights to and eliminates further prompts when they switch applications during a particular session.

With the service of SSO a user doesn’t have to go through registration form and don’t have to remember the different user names and passwords. The SSO, is used by many on the websites, the numbers are growing regularly.

How, get the service of SSO?

SSO, service is provided by many websites, the user can use Google or Gmail, Yahoo, Hotmail, Facebook, Twitter etc., user names and passwords to access the website where SSO are implemented. Some of the popular website using SSO are stackexchange.com,  stackoverflow.com, sourceforge.net, openid.net, janrain.com etc website and with these website you don’t have fill the registration form, just let them know that you are SSO service provider and grant them the access to the information and you are registered with them.

How does developer uses to integrate the SSO service and that free of Cost?

The developer has to integrate the SSO service in their forms and that are

  1. OPENID
  2. OAUTH
  3. HYBRID

OpenID is an Open standard that describes how users can be Authenticated in a decentralized manner, obviating the need for services to provide their own ad hoc systems and allowing users to consolidate their `Digital identities’. The OpenID protocol does not rely on a central authority to authenticate a user’s identity. Moreover, neither services nor the OpenID standard may mandate a specific means by which to authenticate users, allowing for approaches ranging from the common (such as passwords) to the novel (such as Smart Cards or Biometrics). The term OpenID may also refer to an ID as specified in the OpenID standard;  these IDs take the form of a unique URL, and are managed by some ‘OpenID provider’ that handles authentication. What is your OPENID, if you are using one of the service of famous providers are:

Google.com – google.com/profiles/username
Yahoo.com – me.yahoo.com
AOL – openid.aol.com/screenname
Blogger – username.blogger.com or blogid.blogspot.com
Myopenid.com – username.myopenid.com
LiveJournal – username.livejournal.com
Wordpress – username.wordpress.com

There are many more, which can’t be provided here, to know the complete list kindly visit openid.net. This simply means if you are using any one of the service of above mentioned then you can login any website where Openid service has been accepted as login system.

OAuth (Open Authorization) is an Open Standard for Authorization. It allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their credentials, typically username and password. OAuth allows users to hand out tokens instead of credentials to their data hosted by a given service provider. Each token grants access to a specific site (e.g. a video editing site) for specific resources (e.g. just videos from a specific album) and for a defined duration (e.g. the next 2 hours). This allows a user to grant a third-party site access to their information stored with another service provider, without sharing their access permissions or the full extent of their data. For more about implementation kindly visit oauth.net.

Hybrid – lets web developers combine a OpenID request with an OAuth authentication request. This extension is useful for web developers who use both OpenID and OAuth, particularly in that it simplifies the process for users by requesting their approval once instead of twice.

Advertisements
%d bloggers like this: