Navigation Content
Quick references...
  • Detailed features list
  • http:///images/icons/App1.png

    Contents


    Collaba: Single Sign-On (SSO)

    «Single Sign-On» can be defined as: One userid, one password, entered one time, with passage allowed from one system to another without interruption.

    Why is Single Sign-On important?
    SSO plays a critical role in the success and safety of deploying heterogeneous systems and services to users. Without it, users have to know and remember login information for multiple services. This leads to a concept known as password fatigue, which itself leads people to adopt habits that reduce the security of their protected information. Single Sign-On virtually eliminates that serious security issue.

    The myth of Single-Sign-On magic!
    A surprisingly large number of people and organizations think that single sign-on is simple and happens pretty much like magic. In an ideal world where everyone would precisely follow industry standards, that might be the case. But real-world experience shows us that content and service providers rarely adopt such standards, or do so with incomplete or inaccurate compliance. This is why supporting single sign-on standards is not sufficient; and that is why Collaba also provides its own powerful SSO technology.

    Linking protected services

    Collaba features elaborate strategies and technologies for integrating protected web-based services and establishing single sign-on. First of all, the easiest way of connecting to a protected service is to use the CAS 2.0 standard. If the service does not support CAS, many other methods can be selected by using the Collaba Service Expansion (CSE) API.

    Protected services can be integrated in various places in Collaba. The most common place is the Bookmarks section. External protected services can also hot-replace most built-in Collaba modules (for example if you would like to replace Collaba's Calendar module with a different one), or simply be added to any standard Collaba navigation menu.

    Acting as an authentication server

    Collaba is a full CAS 2.0 Server (complies with the Central Authentication Service 2.0 protocol specification). As such, CAS-enabled services can use Collaba as an authentication server and let users in without requiring any login.

    Delegating authentication

    To avoid the need to store user passwords in the Collaba database, Collaba itself can use secondary authentication services to validate a user's credentials at login time. The Collaba Authentication API already supports LDAP, CAS, JAAS, SMTP-Auth, POP3-Auth and HTTP-Auth. Java developers can also use the API to add support for additional authentication methods. The API also supports on-the-fly user account creation.

    Technical details
    Our development team has extensive and diversified experience with the interconnection of third-party authentication-protected web-based services. The Collaba Service Expansion API is the result of many years of real-world experience with content publishers and service providers that very rarely obey or comply with industry standards on single sign-on. Our experience shows that our feature-rich API can successfully interconnect with virtually any web-based service.