Phillip B Oldham wrote:
> On Nov 11, 9:24 pm, paul <[EMAIL PROTECTED]> wrote:
>> Phillip B Oldham wrote:
>>> Are there any FOSS Python Single-Sign-on Servers?
>>
>> [snip]
>>
>>> I've searched around but can only seem to find OpenID servers, which
>>> will probably be too "open" for our needs.
>> So if it is not OpenID, which protocol are you going to implement?
>
> In theory, we could use an OpenID server: our staff could register
> with something like MyOpenID, register with each of our individual
> webapps, and then gain access with a single sign-on. However, it's not
> really getting round the problem we have: we need to give our staff
> access to all of our apps in one go, give them one place to sign on,
> and have the ability to disable their account at short notice. Doing
> this with OpenID would mean we have *no* access to the user account
> and therefore would still have the overhead of having to disable
> accounts with each webapp we provide. It also opens up a security
> threat in that anyone could register to our "internal" apps with an
> OpenID account. Which is bad.
>
> Essentially, we need an SSO server with which we would register our
> *webapps* and then create user accounts, specifying which webapps that
> user has access to, and at what level. Essentially something like
> OpenSSO but Python-based.

Why not just implement a private OpenID server and only accept
identities from that domain?

regards
 Steve
-- 
Steve Holden        +1 571 484 6266   +1 800 494 3119
Holden Web LLC              http://www.holdenweb.com/
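
The relying-party side of that suggestion, as an added example that is not part of the original thread: each webapp accepts a claimed identifier only if it belongs to the private provider, then looks up the account state and per-app level in one central directory. It assumes `claimed_id` has already been verified by the webapp's OpenID library; the host `id.example.internal`, the `/users/` path layout, the account data and the function names are all made up for illustration.

```python
from urllib.parse import urlsplit

# Assumed values: the private provider's host and its identity URL prefix.
TRUSTED_HOST = "id.example.internal"
IDENTITY_PREFIX = "/users/"

# Constructed central directory: one enable flag per person, one level per webapp.
ACCOUNTS = {
    "alice": {"enabled": True, "apps": {"wiki": "admin", "billing": "read"}},
    "bob": {"enabled": False, "apps": {"wiki": "read"}},
}

def local_user(claimed_id):
    """Return the username if claimed_id is issued by the private provider, else None."""
    try:
        parts = urlsplit(claimed_id)
        host, port = parts.hostname, parts.port  # .port raises on a malformed port
    except ValueError:
        return None
    # Exact host match: a suffix or substring test would accept look-alike hosts.
    if parts.scheme != "https" or host != TRUSTED_HOST or port not in (None, 443):
        return None
    # Reject userinfo ("trusted@other-host"), query strings and fragments.
    if parts.username is not None or parts.password is not None:
        return None
    if parts.query or parts.fragment or not parts.path.startswith(IDENTITY_PREFIX):
        return None
    name = parts.path[len(IDENTITY_PREFIX):]
    return name if name.isalnum() else None

def access_level(claimed_id, app):
    """Level the identity holds on app, or None to deny access."""
    user = local_user(claimed_id)
    account = ACCOUNTS.get(user) if user else None
    if not account or not account["enabled"]:
        return None  # unknown or disabled centrally: denied on every webapp at once
    return account["apps"].get(app)
```

Flipping `enabled` in the one directory revokes access everywhere, which is the "disable at short notice" requirement from the quoted message.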