Are there any FOSS Python Single-Sign-on Servers?
Phillip B Oldham
phillip.oldham at gmail.com
Tue Nov 11 16:49:14 EST 2008
On Nov 11, 9:24 pm, paul <p... at subsignal.org> wrote:
> Phillip B Oldham schrieb:> Are there any FOSS Python Single-Sign-on Servers?
>
> [snip]
>
> > I've searched around but can only seem to find OpenID servers, which
> > will probably be too "open" for our needs.
>
> So if it is not OpenID, which protocol are you going to implement?
In theory, we could use an OpenID server: our staff could register
with something like MyOpenID, register with each of our individual
webapps, and then gain access with a single sign-on. However, its not
really getting round the problem we have: we need to give our staff
access to all of our apps in one go, give them one place to sign on,
and have the ability to disable their account at short notice. Doing
this with openid would mean we have *no* access to the user account
and therefore would still have the overhead of having to disable
accounts with each webapp we provide. It also opens-up a security
threat in that anyone could register to our "internal" apps with an
OpenID account. Which is bad.
Essentially, we need a SSO server with which we would register our
*webapps* and then create user account, specifying which webapps that
user has access to, and at what level. Essentially something like
OpenSSO but python-based.
More information about the Python-list
mailing list