Wednesday, March 16, 2011

Single Sign-on in SharePoint 2010

Introduction:
In this article we will discuss about Single Sign-on in SharePoint 2010. Also you can check some SharePoint 2010 security articles.

Description:
The objective of Single Sign-on (SSO) is to allow users access to all applications from one logon. Concept of log in once and be authenticated to all your network resources onto existing applications. Users are not required to remember multiple IDs and passwords.

For developers benifit if the SSO mechanism is independent, then developers don't have to
worry about authentication at all. For administrators it is easy to maintain user account.
An sso solution is diffcult to implement and even more difficult, time consuming to implement into existing applications.

There are some security risk since a malicious user could gain access to a user's resources if the user walks away from his machine and leaves it logged in. it is worse with SSO because all authorized resources are compromised. At least with multiple logons, the user may only be logged into one system at the time and so only one resource is compromised.
In SharePoint 2010 the SSO is available as Secure Store Service.

You can read more in the below URLS:
http://www.internet.com/Microsoft/Everybodys_Business/Article/41367/Provide-SharePoint-Single-SignOn-with-Active-Directory-Federation-Services