OpenID as a Single Sign On option? [closed]

I'm just looking for different opinions. Do you consider OpenID a good "Single Sign On" solution?

The way it works seems to be a little bit confusing for an average user and there could be problems related to "putting all your eggs in the same basket".

Anyway, has anyone tried to implement their own OpenID solution within the context of an Intranet where there are many different applications (WordPress, Elgg, MediaWiki, ...)?

I consider it could be a great solution to solve the "Digital Identity" problem but I don't know if it will work with the "login once and surf the Intranet" problem.

Opinions?

Ivan Arrizabalaga asked Aug 22 '08 10:08



1 Answer

Also, SSO (as you mentioned) usually implies that I only have to log in once (presumably to my workstation) and then from there on, I don't need to sign in anywhere.

OpenID of course doesn't solve that problem. For example, if I use OpenID to sign in to StackOverflow, it doesn't mean I don't need to sign in to another website again using the same OpenID.

Vaibhav answered Oct 17 '22 22:10