SSO--Single Sign On simplified

-
Before we go there, lets understand what is meant by Authentication and Authorisation.
Lets take an example, if you are watching a video on youtube, its available to public and hence needs not Authentication, but to read your mail on gmail you would need to authenticate, i.e. say who you are and the gmail server checks by comparing your username and password with what has stored, this process is called Authentication. Now suppose you want be able to make changes to a resource, the system checks your Authority to see if are allowed to do that this is authorisation, like the uploader of a video can delete or edit the video where was as we are authorised to only view the video. 

by definition

Single sign-on (SSO) is mechanism whereby a single action of user authentication and authorisation can permit a user to access all computers and systems where he has access permission, without the need to enter multiple passwords. Single sign-on reduces human error, a major component of systems failure and is therefore highly desirable but difficult to implement. 

making it more simple, when you log into Gmail, you can access Google Calendar, Docs and the other 144+ Google services without having to register/signup nor having to log in with username and password, you just go in.... this is SSO or Single Sign On.

SSO can be achieved by SAML or OAuth in the following articles we will see what that means.

Popular posts from this blog

Ansible - Error - stderr: E: There are problems and -y was used without --force-yes

-
Image
In case your tasks is to install some packages and it errors out as below - name: Install linux-headers apt: pkg={{item}} state=installed install_recommends=yes update_cache=yes with_items: - linux-headers-generic - dkms sudo: yes failed: [parallelsUbuntu] => (item=linux-headers-generic,dkms) => {"failed": true, "item": "linux-headers-generic,dkms"} stderr: E: There are problems and -y was used without --force-yes stdout: Reading package lists... Building dependency tree... Reading state information... The following extra packages will be installed:   cpp fakeroot gcc libfakeroot linux-headers-3.13.0-63   linux-headers-3.13.0-63-generic patch Suggested packages:   cpp-doc dpkg-dev debhelper gcc-multilib manpages-dev autoconf automake1.9   libtool flex bison gdb gcc-doc diffutils-doc The following NEW packages will be installed:   cpp dkms fakeroot gcc libfakeroot linux-headers-3
Read more

Error: SMTPIN_ADDED_BROKEN@mx.google.com

-
Some times we see the below in the email header information. SMTPIN_ADDED_BROKEN@mx.google.com The cause of the "...SMTPIN_ADDED_BROKEN@mx.google.com" is because of the 'https://' in the original Message-ID, which is not allowed. There could be some dodo systems which might be doing this and they would need to be tweaked to now allow message-id (see my earlier posts on what it means) and to have https!
Read more