Picking the right Single Sign On Protocol: WS-Fed, SAML2 or OpenID Connect - Anders Abel
The three big Single Sign On Protocols being used are WS-Federation, SAML2 and OpenID Connect. Others are Radius, NTLM, Kerberos and OAuth2. They are all efforts to give the users one single password to control access to multiple applications and resources. Picking the right protocol depends on platform and vendor support as well as support for different deployment scenarios. Mobile apps are first-class citizens in the OpenID Connect stack, but they were not even invented when SAML2 was created.
By putting the protocols side by side and comparing them we can see how some problems and concepts are coming back in different shapes. For each protocol generation, the protection of the users’ secrets have become better and the number of supported scenarios have increased. And for each protocol generation there are less trusted elements in a solution. The current state of the art protocol, OpenID Connect, can be described as the solution where nobody trusts no one but themselves. A user owning a resource can give granular access to an untrusted third-party application without the third-party application ever coming near the user’s password.
Видео Picking the right Single Sign On Protocol: WS-Fed, SAML2 or OpenID Connect - Anders Abel канала Swetugg
By putting the protocols side by side and comparing them we can see how some problems and concepts are coming back in different shapes. For each protocol generation, the protection of the users’ secrets have become better and the number of supported scenarios have increased. And for each protocol generation there are less trusted elements in a solution. The current state of the art protocol, OpenID Connect, can be described as the solution where nobody trusts no one but themselves. A user owning a resource can give granular access to an untrusted third-party application without the third-party application ever coming near the user’s password.
Видео Picking the right Single Sign On Protocol: WS-Fed, SAML2 or OpenID Connect - Anders Abel канала Swetugg
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Aurelia 2, learn all about the new hotness! - Andreas Wänqvist
What is new in .NET 7 and C# 11 - Johnny Hooyberghs
Bättre Continuous Intergration (CI) upplevelse med Windows Container - Fredrik Normén
JavaScript: behöver jag kanske (inte) ett ramverk? - David Vujic
SWETUGG 2015 - Design - den första användartesten - Jessica Engström
Supercharge your automated tests to fail better - Per Rovegård
SWETUGG 2015 - Smidig virtualisering med Vagrant & Chocolatey - David Vujic
REST, GraphQL and gRPC : A Comparison - Poornima Nayar
Develop in the cloud with dev containers and GitHub Codespaces - Jakob Ehn
Fun with Algorithms - Tess Ferrandez-Norlander
Introducing programming for kids - Johan Lindfors
Git Hidden Gems - Enrico Campidoglio
Azure Static Web Apps - From zero to deployed app in 60 minutes - Stacy Cashmore
From NT4 to .NET Core : Twenty Years of Continuous Improvement - Dylan Beattie
Trauma free incident management - Mårten Rånge
SWETUGG 2015 - Asp.Net 5 - Äntligen tar .Net en vänding! - Fredrik Normén
Continuous security - Kim van Wilgen
Exploring Source Generators - Martin Ullrich
Hypotesdriven utveckling - Johan Normén
.Net Security 101 - Cecilia Wirén
Forget about 10x developers - why you should look for a 10x team - Madeleine Schönemann