Picking the right Single Sign On Protocol: WS-Fed, SAML2 or OpenID Connect - Anders Abel
The three big Single Sign On Protocols being used are WS-Federation, SAML2 and OpenID Connect. Others are Radius, NTLM, Kerberos and OAuth2. They are all efforts to give the users one single password to control access to multiple applications and resources. Picking the right protocol depends on platform and vendor support as well as support for different deployment scenarios. Mobile apps are first-class citizens in the OpenID Connect stack, but they were not even invented when SAML2 was created.
By putting the protocols side by side and comparing them we can see how some problems and concepts are coming back in different shapes. For each protocol generation, the protection of the users’ secrets have become better and the number of supported scenarios have increased. And for each protocol generation there are less trusted elements in a solution. The current state of the art protocol, OpenID Connect, can be described as the solution where nobody trusts no one but themselves. A user owning a resource can give granular access to an untrusted third-party application without the third-party application ever coming near the user’s password.
Видео Picking the right Single Sign On Protocol: WS-Fed, SAML2 or OpenID Connect - Anders Abel канала Swetugg
By putting the protocols side by side and comparing them we can see how some problems and concepts are coming back in different shapes. For each protocol generation, the protection of the users’ secrets have become better and the number of supported scenarios have increased. And for each protocol generation there are less trusted elements in a solution. The current state of the art protocol, OpenID Connect, can be described as the solution where nobody trusts no one but themselves. A user owning a resource can give granular access to an untrusted third-party application without the third-party application ever coming near the user’s password.
Видео Picking the right Single Sign On Protocol: WS-Fed, SAML2 or OpenID Connect - Anders Abel канала Swetugg
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![Aurelia 2, learn all about the new hotness! - Andreas Wänqvist](https://i.ytimg.com/vi/w4qTyn4Bnw8/default.jpg)
![What is new in .NET 7 and C# 11 - Johnny Hooyberghs](https://i.ytimg.com/vi/_bOtM0biINM/default.jpg)
![Bättre Continuous Intergration (CI) upplevelse med Windows Container - Fredrik Normén](https://i.ytimg.com/vi/gLorTe45xy4/default.jpg)
![JavaScript: behöver jag kanske (inte) ett ramverk? - David Vujic](https://i.ytimg.com/vi/dyMtHtJMAoo/default.jpg)
![SWETUGG 2015 - Design - den första användartesten - Jessica Engström](https://i.ytimg.com/vi/kEOYxgFHeuc/default.jpg)
![Supercharge your automated tests to fail better - Per Rovegård](https://i.ytimg.com/vi/jJRgSy2vVF8/default.jpg)
![SWETUGG 2015 - Smidig virtualisering med Vagrant & Chocolatey - David Vujic](https://i.ytimg.com/vi/i-m-dTYPMz0/default.jpg)
![REST, GraphQL and gRPC : A Comparison - Poornima Nayar](https://i.ytimg.com/vi/CUL-sKSLqkg/default.jpg)
![Develop in the cloud with dev containers and GitHub Codespaces - Jakob Ehn](https://i.ytimg.com/vi/JJhueuA_d4Y/default.jpg)
![Fun with Algorithms - Tess Ferrandez-Norlander](https://i.ytimg.com/vi/vDxLh_SFc-A/default.jpg)
![Introducing programming for kids - Johan Lindfors](https://i.ytimg.com/vi/L7fdk2G3CtE/default.jpg)
![Git Hidden Gems - Enrico Campidoglio](https://i.ytimg.com/vi/uMHREeHVEkQ/default.jpg)
![Azure Static Web Apps - From zero to deployed app in 60 minutes - Stacy Cashmore](https://i.ytimg.com/vi/Q7JZs8Qzvlo/default.jpg)
![From NT4 to .NET Core : Twenty Years of Continuous Improvement - Dylan Beattie](https://i.ytimg.com/vi/QeWwHdUX7QQ/default.jpg)
![Trauma free incident management - Mårten Rånge](https://i.ytimg.com/vi/hTbKBzNf2oo/default.jpg)
![SWETUGG 2015 - Asp.Net 5 - Äntligen tar .Net en vänding! - Fredrik Normén](https://i.ytimg.com/vi/BFUTI_ouzSs/default.jpg)
![Continuous security - Kim van Wilgen](https://i.ytimg.com/vi/41kQMdpiCm8/default.jpg)
![Exploring Source Generators - Martin Ullrich](https://i.ytimg.com/vi/ncoDBB5r69E/default.jpg)
![Hypotesdriven utveckling - Johan Normén](https://i.ytimg.com/vi/PCXtKFK0GzQ/default.jpg)
![.Net Security 101 - Cecilia Wirén](https://i.ytimg.com/vi/jESaY7ZjhIY/default.jpg)
![Forget about 10x developers - why you should look for a 10x team - Madeleine Schönemann](https://i.ytimg.com/vi/WMCH-Hg_re8/default.jpg)