SSO in Java
java.net has recently published an article by
Gianluca Brigandi about Single Sing-On integration in Apache\’s Pluto
Portlet container. He shows how to provide Single Sign-On functionallity
in Pluto using JOSSO. You can read the article
here\r
\r
One significant feature that brings JOSSO out, shining with glory, of
the several alternatives is that it is “Cross-platform: It allows for
the integration of Java and non-Java applications, such as PHP or
Microsoft ASP applications. It uses the standard SOAP over HTTP as the
standard communication layer to deliver this cross-platform feature.”\r
\r
The only remaining questions are: performance and security. To my
inexperienced eyes, this looks like an MS Passport-alike solution and,
if I am not wrong, MS Passport service is being abandonned by Microsoft
for the lack of security. If that is true, will JOSSO share the same
fate, in the future?