JOSSO
Encyclopedia
Java Open Single Sign On (JOSSO) is a single sign-on
solution for web applications. It is an open source Java EE based software for user authentication and authorization. The software is released under the GNU Lesser General Public License
(LGPL).
, Apache Tomcat
, JBoss
, ASP
, PHP
etc to authenticate users with credential store. JOSSO communicates with credential stores over the Lightweight Directory Access Protocol
(LDAP) or a JDBC connection.
JOSSO exposes Single Sign On services using SOAP over HTTP protocol allowing it to easily integrate with non-Java applications. JOSSO implements JAAS (Java Authentication and Authorization Service
) to authenticate and enforce access controls upon users.
Single sign-on
Single sign-on is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them...
solution for web applications. It is an open source Java EE based software for user authentication and authorization. The software is released under the GNU Lesser General Public License
GNU Lesser General Public License
The GNU Lesser General Public License or LGPL is a free software license published by the Free Software Foundation . It was designed as a compromise between the strong-copyleft GNU General Public License or GPL and permissive licenses such as the BSD licenses and the MIT License...
(LGPL).
Description
The framework allows multiple web server/applications such as the Apache HTTP ServerApache HTTP Server
The Apache HTTP Server, commonly referred to as Apache , is web server software notable for playing a key role in the initial growth of the World Wide Web. In 2009 it became the first web server software to surpass the 100 million website milestone...
, Apache Tomcat
Apache Tomcat
Apache Tomcat is an open source web server and servlet container developed by the Apache Software Foundation...
, JBoss
JBoss
JBoss Application Server is an open-source Java EE-based application server. An important distinction for this class of software is that it not only implements a server that runs on Java, but it actually implements the Java EE part of Java...
, ASP
Active Server Pages
Active Server Pages , also known as Classic ASP or ASP Classic, was Microsoft's first server-side script engine for dynamically-generated Web pages. Initially released as an add-on to Internet Information Services via the Windows NT 4.0 Option Pack Active Server Pages (ASP), also known as Classic...
, PHP
PHP
PHP is a general-purpose server-side scripting language originally designed for web development to produce dynamic web pages. For this purpose, PHP code is embedded into the HTML source document and interpreted by a web server with a PHP processor module, which generates the web page document...
etc to authenticate users with credential store. JOSSO communicates with credential stores over the Lightweight Directory Access Protocol
Lightweight Directory Access Protocol
The Lightweight Directory Access Protocol is an application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network...
(LDAP) or a JDBC connection.
JOSSO exposes Single Sign On services using SOAP over HTTP protocol allowing it to easily integrate with non-Java applications. JOSSO implements JAAS (Java Authentication and Authorization Service
Java Authentication and Authorization Service
Java Authentication and Authorization Service, or JAAS, pronounced "Jazz", is a Java security framework for user-centric security to augment the Java code-based security...
) to authenticate and enforce access controls upon users.
See also
- Shibboleth (Internet2)Shibboleth (Internet2)Shibboleth is an Internet2 project that has created an architecture and open-source implementation for federated identity-based authentication and authorization infrastructure based on Security Assertion Markup Language . Federated identity allows for information about users in one security domain...
- CASCentral Authentication ServiceThe Central Authentication Service is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials only once. It also allows web applications to authenticate users without gaining access to a user's security credentials,...
- Ping Federate
- Digital certificates