SSO in Java
java.net has recently published an article by
Gianluca Brigandi about Single Sing-On integration in Apache\’s Pluto
Portlet container. He shows how to provide Single Sign-On functionallity
in Pluto using JOSSO. You can read the article
One significant feature that brings JOSSO out, shining with glory, of the several alternatives is that it is “Cross-platform: It allows for the integration of Java and non-Java applications, such as PHP or Microsoft ASP applications. It uses the standard SOAP over HTTP as the standard communication layer to deliver this cross-platform feature.”\r
The only remaining questions are: performance and security. To my inexperienced eyes, this looks like an MS Passport-alike solution and, if I am not wrong, MS Passport service is being abandonned by Microsoft for the lack of security. If that is true, will JOSSO share the same fate, in the future?