|
Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in with a single ID and password to gain access to a connected system or systems without using different usernames or passwords, or in some configurations seamlessly sign on at each system. This is typically accomplished using the Lightweight Directory Access Protocol (LDAP) and stored LDAP databases on servers.〔(【引用サイトリンク】title=SSO and LDAP Authentication )〕 A simple version of single sign-on can be achieved over IP networks using cookies but only if the sites share a common DNS parent domain. Conversely, single sign-off is the property whereby a single action of signing out terminates access to multiple software systems. As different applications and resources support different authentication mechanisms, single sign-on must internally translate and store credentials for the different mechanisms, from the credential used for initial authentication. Other shared authentication schemes not to be confused with SSO include OAuth, OpenID, OpenID Connect and Facebook Connect, which require the user to enter their login credentials each time they access a different site or application. ==Benefits== Benefits of using single sign-on include: * Reducing password fatigue from different user name and password combinations * Reducing time spent re-entering passwords for the same identity * Reducing IT costs due to lower number of IT help desk calls about passwords〔(【引用サイトリンク】title=Benefits of SSO )〕 SSO shares centralized authentication servers that all other applications and systems use for authentication purposes and combines this with techniques to ensure that users do not have to actively enter their credentials more than once. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「single signon」の詳細全文を読む スポンサード リンク
|