Are there any FOSS Python Single-Sign-on Servers?
Steve Holden
steve at holdenweb.com
Tue Nov 11 21:31:51 EST 2008
Phillip B Oldham wrote:
> On Nov 11, 9:24 pm, paul <p... at subsignal.org> wrote:
>> Phillip B Oldham schrieb:> Are there any FOSS Python Single-Sign-on Servers?
>>
>> [snip]
>>
>>> I've searched around but can only seem to find OpenID servers, which
>>> will probably be too "open" for our needs.
>> So if it is not OpenID, which protocol are you going to implement?
>
> In theory, we could use an OpenID server: our staff could register
> with something like MyOpenID, register with each of our individual
> webapps, and then gain access with a single sign-on. However, its not
> really getting round the problem we have: we need to give our staff
> access to all of our apps in one go, give them one place to sign on,
> and have the ability to disable their account at short notice. Doing
> this with openid would mean we have *no* access to the user account
> and therefore would still have the overhead of having to disable
> accounts with each webapp we provide. It also opens-up a security
> threat in that anyone could register to our "internal" apps with an
> OpenID account. Which is bad.
>
> Essentially, we need a SSO server with which we would register our
> *webapps* and then create user account, specifying which webapps that
> user has access to, and at what level. Essentially something like
> OpenSSO but python-based.
Why not just implement a private OpenID server and only accept
identities from that domain?
regards
Steve
--
Steve Holden +1 571 484 6266 +1 800 494 3119
Holden Web LLC http://www.holdenweb.com/
More information about the Python-list
mailing list