java.net has recently published an article by Gianluca Brigandi about Single Sing-On integration in Apache\'s Pluto Portlet container. He shows how to provide Single Sign-On functionallity in Pluto using JOSSO. You can read the article here\r \ \r \ One significant feature that brings JOSSO out, shining with glory, of the several alternatives is that it is "Cross-platform: It allows for the integration of Java and non-Java applications, such as PHP or Microsoft ASP applications. It uses the standard SOAP over HTTP as the standard communication layer to deliver this cross-platform feature."\r \ \r \ The only remaining questions are: performance and security. To my inexperienced eyes, this looks like an MS Passport-alike solution and, if I am not wrong, MS Passport service is being abandonned by Microsoft for the lack of security. If that is true, will JOSSO share the same fate, in the future?