Just looking for suggestions on easy to setup server side SSO between multiple server applications.
Basically, our team decided that it would be nice to have an SSO system in place with the goal of only needing a user to authenticate to just one app, then an authentication ticket would be passed to any other app that user opens during their current session.
The apps I currently have that I will need to SSO integrate are: Attlassian Jira, Confluence, Fisheye/Crucible and SVN that currently allow users to authenticate with their AD user id and password. I also have several node.js rest API servers using postgres and redis backends for user authentication which are not AD integrated.
I have no authentication ticket passing system currently in place between any of the apps, so the only thing AD is giving me is a place for centralized control of user rights. IE: Whenever a user opens one of our applications/pages, they have to enter their own user ID and password to gain access to the specific app/page, although the specific per app user access level is controlled by the AD groups the user is a member of.
So, if there is anyone who read this and was not confused about what I am asking: What would you recommend? (Please, tell me something from your own experience, not just a google search as I've been there and done that already).
ty
Basically, our team decided that it would be nice to have an SSO system in place with the goal of only needing a user to authenticate to just one app, then an authentication ticket would be passed to any other app that user opens during their current session.
The apps I currently have that I will need to SSO integrate are: Attlassian Jira, Confluence, Fisheye/Crucible and SVN that currently allow users to authenticate with their AD user id and password. I also have several node.js rest API servers using postgres and redis backends for user authentication which are not AD integrated.
I have no authentication ticket passing system currently in place between any of the apps, so the only thing AD is giving me is a place for centralized control of user rights. IE: Whenever a user opens one of our applications/pages, they have to enter their own user ID and password to gain access to the specific app/page, although the specific per app user access level is controlled by the AD groups the user is a member of.
So, if there is anyone who read this and was not confused about what I am asking: What would you recommend? (Please, tell me something from your own experience, not just a google search as I've been there and done that already).
ty