Archive/category: Single Sign-On

It’s OK to Get Stressed Out with OpenAM

In fact, it’s HIGHLY recommended…. Performance testing and stress testing are closely related and are essential tasks in any OpenAM deployment. When conducting performance testing, you are trying to determine how well your system performs when subjected to a particular load. A primary goal of performance testing is to determine whether the system that you Read more

Understanding the iPlanetDirectoryPro Cookie

So you have run into problems with OpenAM and you are now looking at the interaction between the Browser and the OpenAM server.  To assist you in your efforts you are using a plug-in like LiveHttpHeaders, SAML Tracer, or Fiddler and while you are intently studying “the dance” (as I like to call it), you Read more

How to Configure OpenAM Signing Keys

The exchange of SAML assertions between an Identity Provider (IdP) and a Service Provider (SP) uses Public-key Cryptography to validate the identity of the IdP and the integrity of the assertion.   Securing SAML Assertions SAML assertions passed over the public Internet will include a digital signature signed by an Identity Provider’s private key.  Additionally, Read more

Single Sign-On Explained

  So what is SSO and why do I care?   SSO is an acronym for “Single Sign-On”.  There are various forms of single sign-on with the most common being Enterprise Single Sign-On (ESSO) and Web Single Sign-On (WSSO). Each method utilizes different technologies to reduce the number of times a user has to enter their username/password Read more

Opinions About the Federal Government’s Identity Initiative

Interesting read. This is essentially a WebSSO initiative with authentication based on CAC type ID cards or OpenID. The CAC type of implementation (ID Cards) are not practical as they require everyone to have a card reader on their PC in order to do business with the government. I don’t see this happening anytime too Read more